Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-17	CVE-2019-13272	In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). local low complexity linux debian fedoraproject canonical redhat netapp	7.8
2019-07-17	CVE-2019-9849	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice canonical fedoraproject debian opensuse	4.3
2019-07-17	CVE-2019-9848	Code Injection vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. network low complexity libreoffice canonical fedoraproject debian opensuse CWE-94 critical	9.8
2019-07-16	CVE-2019-13616	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. network low complexity libsdl debian opensuse fedoraproject canonical redhat CWE-125	8.1
2019-07-15	CVE-2019-1010305	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libmspack 0.9.1alpha is affected by: Buffer Overflow. local low complexity kyzer fedoraproject debian canonical CWE-119	5.5
2019-07-15	CVE-2019-1010006	Integer Overflow or Wraparound vulnerability in multiple products Evince 3.26.0 is affected by buffer overflow. local low complexity gnome canonical debian opensuse CWE-190	7.8
2019-07-14	CVE-2019-13602	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. local low complexity videolan debian canonical opensuse CWE-191	7.8
2019-07-11	CVE-2019-1010319	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010317	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010315	Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. local low complexity wavpack fedoraproject debian canonical CWE-369	5.5