Vulnerabilities > Canonical > Ubuntu Linux > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-17 | CVE-2019-16392 | Cross-site Scripting vulnerability in multiple products SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. | 6.1 |
| 2019-09-17 | CVE-2019-16391 | SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors to modify any published content and execute other modifications in the database. | 6.5 |
| 2019-09-12 | CVE-2019-16275 | Origin Validation Error vulnerability in multiple products hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. | 6.5 |
| 2019-09-11 | CVE-2019-16234 | NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | 4.7 |
| 2019-09-11 | CVE-2019-16233 | NULL Pointer Dereference vulnerability in multiple products drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | 4.7 |
| 2019-09-11 | CVE-2019-16232 | NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | 4.1 |
| 2019-09-11 | CVE-2019-16231 | NULL Pointer Dereference vulnerability in multiple products drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | 4.7 |
| 2019-09-11 | CVE-2019-16229 | NULL Pointer Dereference vulnerability in multiple products drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | 4.1 |
| 2019-09-09 | CVE-2019-16168 | Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." | 6.5 |
| 2019-09-09 | CVE-2019-16167 | Integer Overflow or Wraparound vulnerability in multiple products sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. | 5.5 |