Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-16	CVE-2019-15118	Uncontrolled Recursion vulnerability in multiple products check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. local low complexity linux canonical debian opensuse netapp CWE-674	5.5
2019-08-16	CVE-2019-15098	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. low complexity linux canonical opensuse netapp debian CWE-476	4.6
2019-08-15	CVE-2019-13377	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. network high complexity w1-fi fedoraproject canonical debian CWE-203	5.9
2019-08-15	CVE-2019-13223	Reachable Assertion vulnerability in multiple products A reachable assertion in the lookup1_values function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. local low complexity stb-vorbis-project debian CWE-617	5.5
2019-08-15	CVE-2019-13219	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in the get_window function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. local low complexity stb-vorbis-project debian CWE-476	5.5
2019-08-15	CVE-2019-13218	Divide By Zero vulnerability in multiple products Division by zero in the predict_point function in stb_vorbis through 2019-03-04 allows an attacker to cause a denial of service by opening a crafted Ogg Vorbis file. local low complexity stb-vorbis-project debian CWE-369	5.5
2019-08-14	CVE-2019-9506	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. low complexity google apple canonical debian opensuse redhat huawei CWE-327	4.8
2019-08-14	CVE-2019-14973	Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. network low complexity libtiff debian fedoraproject opensuse CWE-190	6.5
2019-08-13	CVE-2019-9516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs CWE-770	6.5
2019-08-12	CVE-2019-14981	Divide By Zero vulnerability in multiple products In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. network imagemagick debian canonical opensuse CWE-369	4.3