Total
6789 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19530 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. | ||||
| CVE-2019-19529 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 6.3 Medium |
| In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. | ||||
| CVE-2019-19528 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 6.1 Medium |
| In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d. | ||||
| CVE-2019-19527 | 4 Debian, Linux, Opensuse and 1 more | 6 Debian Linux, Linux Kernel, Leap and 3 more | 2024-11-21 | 6.8 Medium |
| In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e. | ||||
| CVE-2019-19526 | 3 Canonical, Linux, Opensuse | 3 Ubuntu Linux, Linux Kernel, Leap | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098. | ||||
| CVE-2019-19525 | 3 Debian, Linux, Opensuse | 3 Debian Linux, Linux Kernel, Leap | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035. | ||||
| CVE-2019-19524 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9. | ||||
| CVE-2019-19523 | 4 Debian, Linux, Opensuse and 1 more | 5 Debian Linux, Linux Kernel, Leap and 2 more | 2024-11-21 | 4.6 Medium |
| In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79. | ||||
| CVE-2019-19480 | 2 Linux, Opensc Project | 2 Linux Kernel, Opensc | 2024-11-21 | 4.6 Medium |
| An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry. | ||||
| CVE-2019-19448 | 4 Canonical, Debian, Linux and 1 more | 27 Ubuntu Linux, Debian Linux, Linux Kernel and 24 more | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. | ||||
| CVE-2019-19447 | 3 Linux, Netapp, Redhat | 13 Linux Kernel, Active Iq Unified Manager, Cloud Backup and 10 more | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c. | ||||
| CVE-2019-19377 | 2 Linux, Netapp | 5 Linux Kernel, Active Iq Unified Manager, Cloud Backup and 2 more | 2024-11-21 | 7.8 High |
| In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c. | ||||
| CVE-2019-19319 | 3 Linux, Opensuse, Redhat | 3 Linux Kernel, Leap, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30. | ||||
| CVE-2019-19318 | 5 Canonical, Debian, Linux and 2 more | 19 Ubuntu Linux, Debian Linux, Linux Kernel and 16 more | 2024-11-21 | 4.4 Medium |
| In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, | ||||
| CVE-2019-19162 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 7.8 High |
| A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. | ||||
| CVE-2019-18903 | 2 Opensuse, Suse | 2 Leap, Linux Enterprise Server | 2024-11-21 | 7.5 High |
| A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62. | ||||
| CVE-2019-18902 | 2 Opensuse, Suse | 2 Leap, Linux Enterprise Server | 2024-11-21 | 7.5 High |
| A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62. | ||||
| CVE-2019-18874 | 2 Psutil Project, Redhat | 7 Psutil, Ansible Tower, Enterprise Linux and 4 more | 2024-11-21 | 7.5 High |
| psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object. | ||||
| CVE-2019-18814 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c. | ||||
| CVE-2019-18794 | 1 Un4seen | 1 Bass | 2024-11-21 | 6.5 Medium |
| The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service. | ||||