| 2019-09-27 | CVE-2019-9278 | Integer Overflow or Wraparound vulnerability in multiple products
In libexif, there is a possible out of bounds write due to an integer overflow. | 8.8 |
| 2019-09-27 | CVE-2019-9232 | Out-of-bounds Read vulnerability in multiple products
In libvpx, there is a possible out of bounds read due to a missing bounds check. | 7.5 |
| 2019-09-27 | CVE-2019-11740 | Out-of-bounds Write vulnerability in multiple products
Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. | 8.8 |
| 2019-09-26 | CVE-2019-16869 | HTTP Request Smuggling vulnerability in multiple products
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. | 7.5 |
| 2019-09-25 | CVE-2019-16884 | Incorrect Authorization vulnerability in multiple products
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | 7.5 |
| 2019-09-24 | CVE-2019-16729 | pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. | 7.8 |
| 2019-09-23 | CVE-2019-16714 | Missing Initialization of Resource vulnerability in multiple products
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. | 7.5 |
| 2019-09-20 | CVE-2019-14816 | There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
| 2019-09-20 | CVE-2019-14814 | There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. | 7.8 |
| 2019-09-19 | CVE-2019-14821 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. | 8.8 |