CVE-2019-11833
- EPSS 0.65%
- Veröffentlicht 15.05.2019 13:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:51
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
CVE-2019-11884
- EPSS 0.5%
- Veröffentlicht 10.05.2019 22:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:57
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a...
CVE-2019-5018
- EPSS 6.68%
- Veröffentlicht 10.05.2019 19:29:07
- Zuletzt bearbeitet 21.11.2024 04:44:11
An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after free vulnerability, potentially resulting in remote code execution. An attacker can send ...
CVE-2019-2054
- EPSS 0.63%
- Veröffentlicht 08.05.2019 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:40:08
In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. This could lead to local escalation of privilege with no additional execution privileges needed. User ...
CVE-2019-11815
- EPSS 4.46%
- Veröffentlicht 08.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:49
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
CVE-2018-20836
- EPSS 5.11%
- Veröffentlicht 07.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:02:16
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
CVE-2019-11810
- EPSS 5.79%
- Veröffentlicht 07.05.2019 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:21:48
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a ...
CVE-2019-11036
- EPSS 7.03%
- Veröffentlicht 03.05.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:20:24
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
- EPSS 7.07%
- Veröffentlicht 02.05.2019 17:29:02
- Zuletzt bearbeitet 21.11.2024 04:21:35
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 pay...
CVE-2019-10131
- EPSS 1.25%
- Veröffentlicht 30.04.2019 19:29:03
- Zuletzt bearbeitet 21.11.2024 04:18:28
An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. A local attacker may use this flaw to read beyond the end of the buffer or to crash the program.