|
225311
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when …
|
CWE-416
Use After Free
|
CVE-2019-15878
|
2024-11-21 13:29 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225312
|
7.8 |
HIGH
Local
|
cisco
|
ios_xe
|
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due t…
|
CWE-20
Improper Input Validation
|
CVE-2019-16011
|
2024-11-21 13:29 |
2020-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225313
|
9.8 |
CRITICAL
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE before 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE before 11.3-RELEASE-p8, incomplete packet data validation may result in memory…
|
CWE-20
CWE-416
Improper Input Validation
Use After Free
|
CVE-2019-15874
|
2024-11-21 13:29 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225314
|
5.5 |
MEDIUM
Local
|
freebsd
|
freebsd
|
In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privi…
|
CWE-862
Missing Authorization
|
CVE-2019-15877
|
2024-11-21 13:29 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225315
|
5.5 |
MEDIUM
Local
|
freebsd
|
freebsd
|
In FreeBSD 12.1-STABLE before r356089, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r356090, and 11.3-RELEASE before 11.3-RELEASE-p7, driver specific ioctl command handlers in the oce netw…
|
CWE-862
Missing Authorization
|
CVE-2019-15876
|
2024-11-21 13:29 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225316
|
3.3 |
LOW
Local
|
apport_project
canonical
|
apport
ubuntu_linux
|
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_i…
|
CWE-269
Improper Privilege Management
|
CVE-2019-15790
|
2024-11-21 13:29 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225317
|
6.7 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the or…
|
CWE-672
Operation on a Resource after Expiration or Release
|
CVE-2019-15794
|
2024-11-21 13:29 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225318
|
8.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the l…
|
CWE-276
Incorrect Default Permissions
|
CVE-2019-15793
|
2024-11-21 13:29 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225319
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resu…
|
CWE-843
Type Confusion
|
CVE-2019-15792
|
2024-11-21 13:29 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225320
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem wit…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2019-15791
|
2024-11-21 13:29 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
