Vulnerabilities > Canonical > Ubuntu Linux > 18.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-30 | CVE-2019-19462 | NULL Pointer Dereference vulnerability in multiple products relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | 5.5 |
| 2019-11-29 | CVE-2019-14901 | Heap-based Buffer Overflow vulnerability in multiple products A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. | 9.8 |
| 2019-11-29 | CVE-2019-14897 | Stack-based Buffer Overflow vulnerability in multiple products A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. | 9.8 |
| 2019-11-29 | CVE-2019-14895 | Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. | 9.8 |
| 2019-11-28 | CVE-2019-19318 | Use After Free vulnerability in multiple products In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, | 2.1 |
| 2019-11-27 | CVE-2019-18660 | Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. | 4.7 |
| 2019-11-27 | CVE-2019-19242 | NULL Pointer Dereference vulnerability in multiple products SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLUMN case in sqlite3ExprCodeTarget in expr.c. | 4.3 |
| 2019-11-27 | CVE-2019-19330 | Injection vulnerability in multiple products The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks. | 9.8 |
| 2019-11-27 | CVE-2019-10220 | Path Traversal vulnerability in multiple products Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | 8.8 |
| 2019-11-27 | CVE-2019-14896 | Heap-based Buffer Overflow vulnerability in multiple products A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. | 9.8 |