| 2019-07-19 | CVE-2019-1010238 | Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow. | 9.8 |
| 2019-07-19 | CVE-2019-1010142 | Infinite Loop vulnerability in multiple products
scapy 2.4.0 is affected by: Denial of Service. | 7.5 |
| 2019-07-18 | CVE-2019-1010065 | Integer Overflow or Wraparound vulnerability in multiple products
The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. | 6.5 |
| 2019-07-17 | CVE-2019-13619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. | 7.5 |
| 2019-07-17 | CVE-2019-13626 | Out-of-bounds Read vulnerability in multiple products
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. | 6.5 |
| 2019-07-17 | CVE-2019-13272 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
| 2019-07-17 | CVE-2019-9849 | LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. | 4.3 |
| 2019-07-17 | CVE-2019-9848 | Code Injection vulnerability in multiple products
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. | 9.8 |
| 2019-07-16 | CVE-2019-13115 | Integer Overflow or Wraparound vulnerability in multiple products
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. | 8.1 |
| 2019-07-16 | CVE-2019-10191 | A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS protocol. | 7.5 |