Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-11	CVE-2019-16233	NULL Pointer Dereference vulnerability in multiple products drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. local linux canonical opensuse redhat CWE-476	4.7
2019-09-11	CVE-2019-16231	NULL Pointer Dereference vulnerability in multiple products drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. local linux canonical opensuse redhat CWE-476	4.7
2019-09-11	CVE-2019-16229	NULL Pointer Dereference vulnerability in multiple products drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. local high complexity linux redhat canonical CWE-476	4.1
2019-09-04	CVE-2019-15718	In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. local low complexity systemd-project fedoraproject redhat	4.4
2019-08-29	CVE-2019-15807	Memory Leak vulnerability in multiple products In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. local high complexity linux redhat debian CWE-401	4.7
2019-08-15	CVE-2019-10140	NULL Pointer Dereference vulnerability in multiple products A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. local low complexity linux redhat CWE-476	5.5
2019-08-14	CVE-2019-9506	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. low complexity google apple canonical debian opensuse redhat huawei CWE-327	4.8
2019-08-13	CVE-2019-9516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs CWE-770	6.5
2019-08-02	CVE-2019-10168	Path Traversal vulnerability in Redhat products The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. local low complexity redhat CWE-22	4.6
2019-08-02	CVE-2019-10167	Path Traversal vulnerability in Redhat products The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. local low complexity redhat CWE-22	4.6