Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-17	CVE-2019-15133	Divide By Zero vulnerability in multiple products In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero. network low complexity giflib-project canonical debian CWE-369	6.5
2019-08-16	CVE-2019-5477	OS Command Injection vulnerability in multiple products A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. network low complexity nokogiri canonical debian CWE-78 critical	9.8
2019-08-16	CVE-2019-15118	Uncontrolled Recursion vulnerability in multiple products check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. local low complexity linux canonical debian opensuse netapp CWE-674	5.5
2019-08-16	CVE-2019-15099	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. network low complexity linux canonical CWE-476	7.5
2019-08-16	CVE-2019-15098	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. low complexity linux canonical opensuse netapp debian CWE-476	4.6
2019-08-16	CVE-2019-15090	Out-of-bounds Read vulnerability in multiple products An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. local low complexity linux canonical opensuse CWE-125	6.7
2019-08-15	CVE-2019-9852	Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. local low complexity debian canonical opensuse fedoraproject libreoffice CWE-22	7.8
2019-08-15	CVE-2019-9851	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-08-15	CVE-2019-9850	Improper Input Validation vulnerability in multiple products LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. network low complexity debian canonical opensuse fedoraproject libreoffice CWE-20 critical	9.8
2019-08-15	CVE-2019-13377	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. network high complexity w1-fi fedoraproject canonical debian CWE-203	5.9