|
2019-09-09
|
CVE-2019-16168
|
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
|
Ubuntu_linux, Debian_linux, Fedora, Policy_auditor, Active_iq_unified_manager, E\-Series_santricity_os_controller, Oncommand_insight, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Santricity_unified_manager, Steelstore_cloud_integrated_storage, Communications_design_studio, Jdk, Jre, Mysql, Outside_in_technology, Solaris, Zfs_storage_appliance, Sqlite, Nessus_agent
|
6.5
|
|
|
|
2019-09-11
|
CVE-2019-16232
|
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
|
Ubuntu_linux, Fedora, Linux_kernel, Leap
|
4.1
|
|
|
|
2019-09-11
|
CVE-2019-16235
|
Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
|
Ubuntu_linux, Debian_linux, Dino, Fedora
|
7.5
|
|
|
|
2019-09-11
|
CVE-2019-16236
|
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.
|
Ubuntu_linux, Debian_linux, Dino, Fedora
|
7.5
|
|
|
|
2019-09-11
|
CVE-2019-16237
|
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
|
Ubuntu_linux, Debian_linux, Dino, Fedora
|
7.5
|
|
|
|
2019-09-13
|
CVE-2019-12922
|
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
|
Fedora, Phpmyadmin
|
6.5
|
|
|
|
2019-09-15
|
CVE-2019-14540
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
|
Debian_linux, Jackson\-Databind, Fedora, Oncommand_api_services, Oncommand_workflow_automation, Steelstore_cloud_integrated_storage, Banking_platform, Customer_management_and_segmentation_foundation, Financial_services_analytical_applications_infrastructure, Global_lifecycle_management_opatch, Goldengate_application_adapters, Goldengate_stream_analytics, Mysql, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Weblogic_server, Jboss_enterprise_application_platform
|
9.8
|
|
|
|
2019-09-15
|
CVE-2019-16335
|
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
|
Debian_linux, Jackson\-Databind, Fedora, Oncommand_api_services, Oncommand_workflow_automation, Steelstore_cloud_integrated_storage, Banking_platform, Customer_management_and_segmentation_foundation, Financial_services_analytical_applications_infrastructure, Global_lifecycle_management_opatch, Goldengate_application_adapters, Goldengate_stream_analytics, Primavera_gateway, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Weblogic_server, Jboss_enterprise_application_platform
|
9.8
|
|
|
|
2019-09-16
|
CVE-2019-5481
|
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
|
Debian_linux, Fedora, Curl, Cloud_backup, Solidfire_baseboard_management_controller_firmware, Steelstore, Leap, Communications_operations_monitor, Communications_session_border_controller, Enterprise_manager_ops_center, Mysql_server, Oss_support_tools
|
9.8
|
|
|
|
2019-09-16
|
CVE-2019-5482
|
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
|
Debian_linux, Fedora, Curl, Cloud_backup, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Steelstore_cloud_integrated_storage, Leap, Communications_operations_monitor, Communications_session_border_controller, Enterprise_manager_ops_center, Http_server, Hyperion_essbase, Mysql_server, Oss_support_tools
|
9.8
|
|
|