Vulnerabilities > Canonical > Ubuntu Linux > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-27 | CVE-2019-10220 | Path Traversal vulnerability in multiple products Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. | 8.8 |
| 2019-11-26 | CVE-2019-18679 | Information Exposure vulnerability in multiple products An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. | 7.5 |
| 2019-11-26 | CVE-2019-18676 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8. | 7.5 |
| 2019-11-25 | CVE-2019-19246 | Out-of-bounds Read vulnerability in multiple products Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. | 7.5 |
| 2019-11-20 | CVE-2015-3166 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error. | 7.5 |
| 2019-11-20 | CVE-2019-3466 | Improper Privilege Management vulnerability in multiple products The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. | 7.2 |
| 2019-11-18 | CVE-2019-19079 | Memory Leak vulnerability in multiple products A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. | 7.5 |
| 2019-11-18 | CVE-2019-19078 | Memory Leak vulnerability in multiple products A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. | 7.5 |
| 2019-11-18 | CVE-2019-19075 | Memory Leak vulnerability in multiple products A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. | 7.5 |
| 2019-11-18 | CVE-2019-19074 | Memory Leak vulnerability in multiple products A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4. | 7.5 |