High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-17	CVE-2019-17666	Classic Buffer Overflow vulnerability in multiple products rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. low complexity linux debian canonical CWE-120	8.8
2019-10-11	CVE-2019-2215	Use After Free vulnerability in multiple products A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. local low complexity google debian canonical netapp huawei CWE-416	7.8
2019-10-03	CVE-2019-16866	Use of Uninitialized Resource vulnerability in multiple products Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. network low complexity nlnetlabs canonical CWE-908	7.5
2019-10-03	CVE-2019-15166	Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. network low complexity tcpdump apple debian fedoraproject opensuse redhat netapp canonical CWE-120	7.5
2019-09-27	CVE-2019-9278	Integer Overflow or Wraparound vulnerability in multiple products In libexif, there is a possible out of bounds write due to an integer overflow. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-09-27	CVE-2019-9232	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical opensuse fedoraproject debian CWE-125	7.5
2019-09-27	CVE-2019-11740	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. network low complexity mozilla canonical opensuse CWE-787	8.8
2019-09-26	CVE-2019-16869	HTTP Request Smuggling vulnerability in multiple products Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. network low complexity netty debian canonical redhat CWE-444	7.5
2019-09-25	CVE-2019-16884	Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. network low complexity linuxfoundation docker fedoraproject opensuse redhat canonical CWE-863	7.5
2019-09-24	CVE-2019-16729	pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. local low complexity pam-python-project debian canonical	7.8