18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-16	CVE-2019-15098	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. low complexity linux canonical opensuse netapp debian CWE-476	4.6
2019-08-16	CVE-2019-15090	Out-of-bounds Read vulnerability in Linux Kernel An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. local low complexity linux canonical opensuse CWE-125	4.6
2019-08-15	CVE-2019-9852	Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. local low complexity debian canonical opensuse fedoraproject libreoffice CWE-22	7.8
2019-08-15	CVE-2019-9851	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-08-15	CVE-2019-9850	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-08-15	CVE-2019-13377	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. network high complexity w1-fi fedoraproject canonical debian CWE-203	5.9
2019-08-15	CVE-2019-12854	Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. network low complexity squid-cache debian fedoraproject canonical opensuse	7.5
2019-08-14	CVE-2019-9506	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. low complexity google apple canonical debian opensuse redhat huawei CWE-327	4.8
2019-08-13	CVE-2019-9518	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee nodejs CWE-770	7.5
2019-08-13	CVE-2019-9517	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee netapp nodejs CWE-770	7.5