|
222571
|
4.7 |
MEDIUM
Local
|
linux
opensuse
|
linux_kernel
leap
|
An issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net/netlink/genetlink.c.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-15921
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222572
|
4.3 |
MEDIUM
Network
|
linux
opensuse
|
linux_kernel
leap
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents…
|
CWE-416
Use After Free
|
CVE-2019-15920
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222573
|
3.3 |
LOW
Local
|
linux
opensuse
|
linux_kernel
leap
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
|
CWE-416
Use After Free
|
CVE-2019-15919
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222574
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to …
|
CWE-125
Out-of-bounds Read
|
CVE-2019-15918
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222575
|
7.0 |
HIGH
Local
|
linux
debian
opensuse
|
linux_kernel
debian_linux
leap
|
An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c.
|
CWE-416
Use After Free
|
CVE-2019-15917
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222576
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 5.0.1. There is a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-15916
|
2024-11-21 13:29 |
2019-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222577
|
5.4 |
MEDIUM
Network
|
sentrifugo
|
sentrifugo
|
Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2019-15814
|
2024-11-21 13:29 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222578
|
8.8 |
HIGH
Network
|
sentrifugo
|
sentrifugo
|
Multiple file upload restriction bypass vulnerabilities in Sentrifugo 3.2 could allow authenticated users to execute arbitrary code via a webshell.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-15813
|
2024-11-21 13:29 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222579
|
4.4 |
MEDIUM
Local
|
systemd_project
fedoraproject
redhat
|
systemd
fedora
enterprise_linux
openshift_container_platform
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_server_update_services_…
|
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access…
|
NVD-CWE-noinfo
|
CVE-2019-15718
|
2024-11-21 13:29 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222580
|
7.5 |
HIGH
Network
|
libexpat_project
python
|
libexpat
python
|
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumn…
|
CWE-125
CWE-776
Out-of-bounds Read
XML Entity Expansion
|
CVE-2019-15903
|
2024-11-21 13:29 |
2019-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
