Canonical: Security Vulnerabilities
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
CVSS Score
9.8
EPSS Score
0.022
Published
2019-09-24
pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-09-24
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-23
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-09-23
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-23
ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-23
ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-09-23
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-09-23
An issue was discovered in GNOME file-roller before 3.29.91. It allows a single ./../ path traversal via a filename contained in a TAR archive, possibly overwriting a file during extraction.
CVSS Score
4.3
EPSS Score
0.016
Published
2019-09-21
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVSS Score
5.5
EPSS Score
0.003
Published
2019-09-20