14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-01	CVE-2019-18609	Out-of-bounds Write vulnerability in multiple products An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. network low complexity rabbitmq-c-project fedoraproject canonical debian CWE-787 critical	9.8
2019-11-30	CVE-2019-19462	NULL Pointer Dereference vulnerability in multiple products relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. local low complexity linux netapp canonical opensuse debian CWE-476	5.5
2019-11-29	CVE-2015-3406	Incorrect Conversion between Numeric Types vulnerability in multiple products The PGP signature parsing in Module::Signature before 0.74 allows remote attackers to cause the unsigned portion of a SIGNATURE file to be treated as the signed portion via unspecified vectors. network low complexity module-signature-project canonical CWE-681	6.4
2019-11-29	CVE-2019-14901	Heap-based Buffer Overflow vulnerability in multiple products A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux fedoraproject debian canonical CWE-122 critical	9.8
2019-11-29	CVE-2019-14897	Stack-based Buffer Overflow vulnerability in multiple products A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. network low complexity linux debian canonical CWE-121 critical	9.8
2019-11-29	CVE-2019-14895	Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux debian canonical fedoraproject opensuse CWE-122 critical	9.8
2019-11-28	CVE-2019-19318	Use After Free vulnerability in multiple products In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, local low complexity linux opensuse canonical debian netapp CWE-416	2.1
2019-11-27	CVE-2019-18660	Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. local high complexity linux redhat canonical fedoraproject opensuse CWE-200	4.7
2019-11-27	CVE-2019-14896	Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. network low complexity linux redhat fedoraproject canonical debian CWE-122 critical	9.8
2019-11-25	CVE-2019-19246	Out-of-bounds Read vulnerability in multiple products Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. network low complexity oniguruma-project php fedoraproject canonical debian CWE-125	7.5