Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-16056 |
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. Published: September 06, 2019; 2:15:15 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2019-15925 |
An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg in the file drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c. Published: September 04, 2019; 5:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-10197 |
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share. Published: September 03, 2019; 11:15:11 AM -0400 |
V3.0: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2019-15717 |
Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. Published: August 29, 2019; 1:15:15 PM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2019-7307 |
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system. Published: August 29, 2019; 11:15:11 AM -0400 |
V3.1: 7.0 HIGH V2.0: 4.4 MEDIUM |
CVE-2019-11476 |
An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie process. Published: August 29, 2019; 11:15:10 AM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2019-15538 |
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS. Published: August 25, 2019; 12:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0: 7.8 HIGH |
CVE-2019-15505 |
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). Published: August 23, 2019; 2:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-15504 |
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir). Published: August 23, 2019; 2:15:10 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2019-15223 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver. Published: August 19, 2019; 6:15:12 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15221 |
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15220 |
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15219 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15218 |
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15217 |
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15216 |
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15215 |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15212 |
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15211 |
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory. Published: August 19, 2019; 6:15:11 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-15145 |
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h. Published: August 18, 2019; 3:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.3 MEDIUM |