High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-26	CVE-2019-16869	HTTP Request Smuggling vulnerability in multiple products Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. network low complexity netty debian canonical redhat CWE-444	7.5
2019-09-25	CVE-2019-15941	Incorrect Authorization vulnerability in multiple products OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. network low complexity lemonldap-ng debian CWE-863	7.5
2019-09-24	CVE-2019-16729	pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. local low complexity pam-python-project debian canonical	7.8
2019-09-20	CVE-2019-14816	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian fedoraproject netapp canonical opensuse CWE-122	7.8
2019-09-20	CVE-2019-14814	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian canonical opensuse netapp CWE-122	7.8
2019-09-19	CVE-2019-14821	Out-of-bounds Write vulnerability in multiple products An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. local low complexity linux redhat canonical opensuse fedoraproject debian netapp oracle CWE-787	8.8
2019-09-17	CVE-2019-14835	Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. local low complexity linux canonical debian fedoraproject opensuse netapp redhat huawei CWE-120	7.8
2019-09-15	CVE-2019-16319	Infinite Loop vulnerability in multiple products In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. network low complexity wireshark opensuse debian CWE-835	7.5
2019-09-11	CVE-2019-16237	Origin Validation Error vulnerability in multiple products Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. network low complexity dino canonical fedoraproject debian CWE-346	7.5
2019-09-11	CVE-2019-16236	Missing Authorization vulnerability in multiple products Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. network low complexity dino canonical fedoraproject debian CWE-862	7.5