61 matches found
CVE-2020-1938
CVE-2020-1938 (Tomcat AJP vulnerability) : The issue affects Apache Tomcat where the AJP Connector, enabled by default in several legacy releases, could be reached through untrusted networks. An attacker could exploit the configured AJP path to read arbitrary files in the web application and pote...
CVE-2020-1935
CVE-2020-1935 affects Apache Tomcat across multiple branches: 9.0.0.M1–9.0.30, 8.5.0–8.5.50, and 7.0.0–7.0.99. It stems from HTTP header parsing that can mishandle end-of-line and Transfer-Encoding, enabling HTTP Request Smuggling when Tomcat sits behind certain reverse proxies. Impact is informa...
CVE-2019-2215
CVE-2019-2215 is a use-after-free in the Android binder driver (binder.c) that enables local privilege escalation from an app to the Linux kernel. The issue is local, with no user interaction required, and exploitation may lead to memory corruption, denial of service, or escalation per the cited ...
CVE-2019-14816
CVE-2019-14816 is a Linux kernel heap-based buffer overflow in the mwifiex (Marvell) wifi driver that affects all versions up to, but excluding, 5.3. It enables a local attacker to crash the system or potentially execute arbitrary code via the Marvell wifi chip driver; affected scope is the kerne...
CVE-2019-14814
CVE-2019-14814 affects the Linux kernel Marvell WiFi driver (mwifiex) - a heap-based buffer overflow in the Marvell WiFi chip driver, present in all kernel versions up to but excluding 5.3. This can allow local users to crash the system or, potentially, execute arbitrary code. Public advisories (...
CVE-2019-14821
CVE-2019-14821 is a Linux kernel KVM issue: an out-of-bounds access in the Coalesced MMIO write path can occur if a host user controls the MMIO ring buffer indices (ring->first/ring->last). A local attacker with /dev/kvm access could crash the host kernel or potentially escalate privileges ...
CVE-2019-14835
The CVE-2019-14835 entry describes a buffer overflow in Linux kernel vhost functionality (virtqueue buffers translated to IOVs) during VM live migration. A privileged guest user could pass descriptors with invalid length while migration is underway, potentially causing a host privilege escalation...
CVE-2020-5398
CVE-2020-5398 (Spring Framework) affects Spring Framework versions: 5.0.x before 5.0.16, 5.1.x before 5.1.13, and 5.2.x before 5.2.3. The vulnerability is a reflected file download (RFD) attack triggered when an application sets a Content-Disposition header whose filename is derived from user inp...
CVE-2019-17569
CVE-2019-17569: In Apache Tomcat, a regression from refactoring in 9.0.28–9.0.30, 8.5.48–8.5.50, and 7.0.98–7.0.99 caused invalid Transfer-Encoding header handling, enabling HTTP Request Smuggling behind a misconfigured reverse proxy. Connected advisories show mitigations: Amazon Linux 2 ALAS2TOM...
CVE-2018-20855
CVE-2018-20855 affects Linux kernel before 4.18.7. In mlx5InfiniBand, create_qp_common (mlx5_ib_create_qp_resp) was never initialized, leaking stack memory to userspace. Upstream fix shipped with kernel 4.18.7 (commit 0625b4ba1a5d4703c7fb01c497bd6c156908af00). Mitigation: upgrade to 4.18.7+ or ap...
CVE-2019-5108
CVE-2019-5108 is an exploitable denial-of-service in the Linux kernel prior to mainline 5.3. An attacker can trigger IAPP location updates for stations before authentication completes by forging Authentication/Association Request packets, leading to potential CAM-table attacks or traffic flapping...
CVE-2019-15221
CVE-2019-15221 affects the Linux kernel up to version 5.1.17. A NULL pointer dereference can be triggered by a malicious USB device via the sound/usb/line6/pcm.c driver, leading to denial of service or system instability. Affected component is the kernel sound USB Line6 PCM driver; root cause is ...
CVE-2019-19447
CVE-2019-19447 is a Linux kernel 5.0.21 flaw where mounting a crafted ext4 filesystem image can trigger a use-after-free in ext4_put_super (fs/ext4/super.c, related to dump_orphan_list). Reports in multiple connected sources corroborate a local, post-authentication impact with potential arbitrary...
CVE-2019-20054
CVE-2019-20054 affects the Linux kernel prior to 5.0.6, with a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (related to put_links, CID-23da9588037e). The fix is included in kernel 5.0.6 (and later). Public exploit details are not provided in the supplied documents. Rec...
CVE-2019-19063
Concretely affected software: Linux kernel realtek rtlwifi USB driver (rtl_usb_probe in drivers/net/wireless/realtek/rtlwifi/usb.c). Root cause: two memory leaks in rtl_usb_probe() leading to memory exhaustion. Impact: potential denial of service due to unbounded memory consumption (through 5.3.1...
CVE-2019-15538
CVE-2019-15538 affects the Linux kernel component fs/xfs/xfs_iops.c: xfs_setattr_nonsize, with the issue present in kernels up to 5.2.9. The vulnerability arises when a chgrp operation fails due to out-of-disk-quota conditions, causing XFS to partially wedge and fail to unlock ILOCK after the xfs...
CVE-2019-15220
CVE-2019-15220 affects the Linux kernel prior to 5.2.1 and involves a use-after-free in the p54usb.c driver caused by a malicious USB device. The issue can lead to a denial of service via kernel memory corruption when a vulnerable USB device is connected to drivers/net/wireless/intersil/p54. The ...
CVE-2019-18282
CVE-2019-18282 affects the Linux kernel flow_dissector (Linux 4.3–5.x up to 5.3.10). The root cause is that UDP/IPv6 flow labels rely on a 32-bit hashrnd secret, with jhash used instead of siphash, allowing an attacker to infer the secret and track flows. Affected code includes net/core/flow_diss...
CVE-2019-19060
CVE-2019-19060 is a memory-leak vulnerability in the Linux kernel (discovered in adis_buffer.c: adis_update_scan_mode()) that can lead to memory exhaustion and DoS. Affected: Linux kernel versions before 5.3.9 (drivers/iio/imu/adis_buffer.c). Exploitation details are not provided in the documents...
CVE-2019-15217
The CVE-2019-15217 entry concerns a NULL pointer dereference in the Linux kernel before 5.2.3, triggered by a malicious USB device via the zr364xx USB driver (drivers/media/usb/zr364xx/zr364xx.c). The issue can lead to a denial of service on a physical USB attack vector. Public references indicat...
CVE-2019-19947
CVE-2019-19947 affects the Linux kernel up to version 5.4.6, where the kvaser_usb_leaf.c driver (drivers/net/can/usb/kvaser_usb) leaks information from uninitialized memory to a USB device (CID-da2311a6385c). Connected advisories corroborate this kernel info-leak issue and link it to the Kvaser C...
CVE-2019-15098
CVE-2019-15098 affects the Linux kernel driver ath6kl/usb.c (USB wifi driver) up to version 5.2.9. The issue is a NULL pointer dereference caused by an incomplete address in an endpoint descriptor, potentially leading to a crash or denial of service. The connected Nessus/Unity Linux advisories co...
CVE-2019-19052
CVE-2019-19052 is a memory-leak vulnerability in the Linux kernel, specifically in drivers/net/can/usb/gs_usb.c within the gs_can_open() function. The issue allows a denial of service through memory consumption when usb_submit_urb() fails, affecting the kernel up to version before 5.3.11. The rea...
CVE-2020-8992
CVE-2020-8992 affects the Linux kernel ext4 implementation (ext4_protect_reserved_inode in fs/ext4/block_validity.c) through version 5.5.3. A crafted journal size can cause a denial of service (soft lockup) via a local attack. Connected advisories (e.g., SUSE-SU-2020:1663-1, Ubuntu USN-4419-1, Un...
CVE-2019-15219
This CVE (CVE-2019-15219) affects the Linux kernel prior to 5.1.8. Description confirms a NULL pointer dereference caused by a malicious USB device in drivers/usb/misc/sisusbvga/sisusb.c, enabling local hardware interaction to crash the system. Connected advisories (Unity Linux UTSA-2026-003808 a...
CVE-2019-20095
CVE-2019-20095 affects the Linux kernel mwifiex driver (drivers/net/wireless/marvell/mwifiex/cfg80211.c). The description states that certain error-handling paths do not free allocated hostcmd memory, causing a memory leak that can lead to a denial of service. The issue is fixed in kernel version...
CVE-2019-15118
CVE-2019-15118 affects the Linux kernel up to version 5.2.9. The vulnerability arises from the function check_input_term in sound/usb/mixer.c , which mishandles recursion and can cause a kernel stack exhaustion leading to a crash. The connected Nessus entries corroborate the issue and reference U...
CVE-2020-9383
CVE-2020-9383 affects the Linux kernel floppy driver (set_fdc in drivers/block/floppy.c) where the FDC index is not checked for errors before assignment, causing a wait_til_ready out-of-bounds read. Impact per the CVE description: local attacker could cause a denial of service or privilege escala...
CVE-2019-19966
CVE-2019-19966 affects the Linux kernel prior to 5.1.6, where a use-after-free in cpia2_exit() (drivers/media/usb/cpia2/cpia2_v4l.c) can lead to denial of service. Connected advisories (Unity Linux UTSA-2026-004036 and related Nessus plugins) reference the same issue and note a fix in kernel 5.1....
CVE-2019-15216
CVE-2019-15216 affects the Linux kernel prior to 5.0.14, with a NULL pointer dereference triggered by a malicious USB device in drivers/usb/misc/yurex.c. Exploitation could cause a denial of service; impact is indicated as HIGH for availability. A fix is available in kernel 5.0.14 and later. Reme...
CVE-2019-15218
CVE-2019-15218: Linux kernel before 5.1.8 contains a NULL pointer dereference in drivers/media/usb/siano/smsusb.c triggered by a malicious USB device. Affected is the Linux kernel version range up to 5.1.7; exploitation could lead to a crash or denial of service on affected systems. Remediation i...
CVE-2019-19922
CVE-2019-19922 affects the Linux kernel sched subsystem (kernel/sched/fair.c) and is triggered when cpu.cfs_quota_us is in use (e.g., with Kubernetes). The issue allows a local attacker to cause a denial of service for non–CPU-bound applications by generating work that triggers slice expiration, ...
CVE-2019-15212
CVE-2019-15212 describes a vulnerability in the Linux kernel prior to 5.1.8 where a malicious USB device can trigger a double-free in drivers/usb/misc/rio500.c. This is a local/physical-access issue with potential impact to availability as per CVSS metrics shown. The connected Unity Nessus adviso...
CVE-2019-19054
CVE-2019-19054: A memory leak in the Linux kernel cx23888_ir_probe() function (drivers/media/pci/cx23885/cx23888-ir.c) through version 5.3.11 can lead to denial of service via memory consumption when kfifo_alloc() fails. Connected Nessus advisories (UNITY_LINUX_UTSA-2026-004170 and related entrie...
CVE-2019-15211
CVE-2019-15211 : Linux kernel before 5.2.6 contains a use-after-free in drivers/media/v4l2-core/v4l2-dev.c triggered by a malicious USB device; the issue is tied to memory allocation in drivers/media/radio/radio-raremono.c. Evidence from multiple Nessus/SUSE/OpenOpen advisories confirms the descr...
CVE-2019-19448
CVE-2019-19448 is a use-after-free in Linux kernel’s Btrfs code (try_merge_free_space in fs/btrfs/free-space-cache.c). It can be triggered by mounting a crafted Btrfs image and performing operations followed by a syncfs, due to a pointer alias between left and right data structures. Affected: Lin...
CVE-2019-15213
CVE-2019-15213: Linux kernel before 5.2.3 contains a use-after-free in the DVB‑USB driver (drivers/media/usb/dvb-usb/dvb-usb-init.c) triggered by a malicious USB device. The issue is limited to the kernel plasma stack in this component and is mitigated by upgrading to kernel 5.2.3 or newer, per t...
CVE-2019-19965
CVE-2019-19965 is a vulnerability in the Linux kernel (affecting the SAS SAS discover path) where a NULL pointer dereference occurs in drivers/scsi/libsas/sas_discover.c due to mishandling of port disconnection during discovery, related to a PHY down race condition (CID-f70267f379b5). The Unity L...
CVE-2019-18683
CVE-2019-18683 affects the Linux kernel’s V4L2 vivid driver (drivers/media/platform/vivid). The issue arises from wrong mutex locking in functions vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and related kthreads, causing multiple race conditions dur...
CVE-2019-15215
The CVE-2019-15215 issue is a use-after-free in the Linux kernel, caused by a malicious USB device via the cpia2_usb.c driver (drivers/media/usb/cpia2). Affected: kernel versions before 5.2.6. Impact: potential local denial of service or privilege issues due to use-after-free in USB cpia2 handlin...
CVE-2019-19057
CVE-2019-19057 affects the Linux kernel mwifiex PCIe wireless driver (drivers/net/wireless/marvell/mwifiex/pcie.c). Two memory leaks in mwifiex_pcie_init_evt_ring() can occur through failures in mwifiex_map_pci_memory(), allowing a local attacker to trigger memory consumption and a denial of serv...
CVE-2019-18805
CVE-2019-18805 affects the Linux kernel prior to 5.0.11. A signed integer overflow occurs in net/ipv4/sysctl_net_ipv4.c and in tcp_input.c (tcp_ack_update_rtt()) when a very large value is written to /proc/sys/net/ipv4/tcp_min_rtt_wlen, potentially causing a denial of service or other impact. Con...
CVE-2019-16995
CVE-2019-16995 affects the Linux kernel prior to 5.0.3. The issue is a memory leak in hsr_dev_finalize() (net/hsr/hsr_device.c) that can occur if hsr_add_port fails to add a port, potentially leading to a denial of service. The vulnerability is not tied to a vendor product in the provided text be...
CVE-2019-15222
CVE-2019-15222 entry is rejected/not used and not an active vulnerability.
CVE-2019-19816
CVE-2019-19816 affects the Linux kernel 5.0.21: mounting a crafted btrfs image can trigger a slab-out-of-bounds write in __btrfs_map_block in fs/btrfs/volumes.c due to mishandling of the data stripes value = 1. The connected Nessus advisory blocks (Unity Linux UTSA-2026-004332 and related plugin ...
CVE-2019-19061
CVE-2019-19061 is tied to a memory leak in the Linux kernel’s ADIS16400 IIO IMU driver: adis_update_scan_mode_burst() in drivers/iio/imu/adis_buffer.c before 5.3.9. The issue can cause denial of service via memory exhaustion. Affected component: Linux kernel (ADIS16400 IIO IMU driver). Root cause...
CVE-2019-19318
The CVE-2019-19318 issue affects Linux kernel 5.3.11. Root cause: mounting a crafted btrfs image twice can trigger a use-after-free in rwsem_down_write_slowpath because rwsem_can_spin_on_owner’s rwsem_owner_flags returns an already freed pointer. Documented impact per sources indicates an availab...
CVE-2019-19813
CVE-2019-19813 is a Linux kernel use-after-free in __mutex_lock on Linux kernel 5.0.21 when mounting a crafted btrfs image, performing operations, and calling syncfs, related to mutex_can_spin_on_owner, __btrfs_qgroup_free_meta, and btrfs_insert_delayed_items. It is a local, user-interaction-requ...
CVE-2019-19050
CVE-2019-19050 describes a memory leak in the Linux kernel’s crypto_reportstat() path (crypto/crypto_user_stat.c) that can cause a denial of service via memory consumption when crypto_reportstat_alg() fails, affected up to kernel 5.3.11. Connected Nessus advisories (Unity Linux UTSA-2026-003794 a...
CVE-2019-15223
CVE-2019-15223 affects the Linux kernel up to version 5.1.7 where a NULL pointer dereference can be triggered by a malicious USB device in the sound/usb/line6/driver.c driver. This is a local physical attack vector through USB, potentially causing a kernel crash by dereferencing a NULL pointer. T...