High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-18	CVE-2019-18198	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753. local low complexity linux canonical CWE-772	7.8
2019-10-17	CVE-2019-14287	Improper Handling of Exceptional Conditions vulnerability in multiple products In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. network low complexity sudo-project fedoraproject debian opensuse canonical netapp redhat CWE-755	8.8
2019-10-17	CVE-2019-17666	Classic Buffer Overflow vulnerability in multiple products rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. low complexity linux debian canonical CWE-120	8.8
2019-10-14	CVE-2019-17542	Improper Validation of Array Index vulnerability in multiple products FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. network low complexity ffmpeg canonical debian CWE-129	7.5
2019-10-14	CVE-2019-17539	NULL Pointer Dereference vulnerability in multiple products In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. network low complexity ffmpeg debian canonical CWE-476	7.5
2019-10-11	CVE-2019-2215	Use After Free vulnerability in multiple products A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. local low complexity google debian canonical netapp huawei CWE-416	7.8
2019-10-03	CVE-2019-16866	Use of Uninitialized Resource vulnerability in multiple products Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. network low complexity nlnetlabs canonical CWE-908	7.5
2019-10-03	CVE-2019-15166	Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. network low complexity tcpdump apple debian fedoraproject opensuse redhat netapp canonical CWE-120	7.5
2019-09-27	CVE-2019-9278	Integer Overflow or Wraparound vulnerability in multiple products In libexif, there is a possible out of bounds write due to an integer overflow. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-09-27	CVE-2019-9232	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical opensuse fedoraproject debian CWE-125	7.5