High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-17	CVE-2019-19816	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. local low complexity linux canonical debian netapp CWE-787	7.8
2019-12-17	CVE-2019-19813	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. network linux canonical debian netapp CWE-416	7.1
2019-12-08	CVE-2019-19448	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. local low complexity linux debian canonical netapp CWE-416	7.8
2019-11-28	CVE-2019-18276	Improper Check for Dropped Privileges vulnerability in multiple products An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. local low complexity gnu netapp oracle CWE-273	7.8
2019-11-25	CVE-2019-14815	Heap-based Buffer Overflow vulnerability in multiple products A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. local low complexity linux redhat netapp CWE-122	7.8
2019-11-18	CVE-2019-19069	Memory Leak vulnerability in multiple products A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. network low complexity linux canonical netapp broadcom CWE-401	7.8
2019-11-18	CVE-2019-19050	Memory Leak vulnerability in multiple products A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. network low complexity linux fedoraproject canonical netapp broadcom CWE-401	7.5
2019-11-07	CVE-2019-18805	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. network low complexity linux opensuse redhat netapp broadcom CWE-190	7.5
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-10-21	CVE-2019-17498	Integer Overflow or Wraparound vulnerability in multiple products In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. network low complexity libssh2 fedoraproject opensuse debian netapp CWE-190	8.1