Filtered by vendor Canonical Subscriptions
Filtered by product Ubuntu Linux Subscriptions
Total 4151 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15221 6 Canonical, Debian, Linux and 3 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15220 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15219 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15218 6 Canonical, Debian, Linux and 3 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15217 6 Canonical, Debian, Linux and 3 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
CVE-2019-15216 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
CVE-2019-15215 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
CVE-2019-15214 4 Canonical, Linux, Opensuse and 1 more 4 Ubuntu Linux, Linux Kernel, Leap and 1 more 2024-11-21 6.4 Medium
An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c.
CVE-2019-15212 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
CVE-2019-15211 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
CVE-2019-15166 8 Apple, Canonical, Debian and 5 more 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more 2024-11-21 1.6 Low
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
CVE-2019-15165 8 Apple, Canonical, Debian and 5 more 12 Ipados, Iphone Os, Mac Os X and 9 more 2024-11-21 5.3 Medium
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
CVE-2019-15145 5 Canonical, Debian, Djvulibre Project and 2 more 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more 2024-11-21 5.5 Medium
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.
CVE-2019-15144 5 Canonical, Debian, Djvulibre Project and 2 more 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more 2024-11-21 5.5 Medium
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.
CVE-2019-15143 5 Canonical, Debian, Djvulibre Project and 2 more 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more 2024-11-21 5.5 Medium
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp.
CVE-2019-15142 5 Canonical, Debian, Djvulibre Project and 2 more 5 Ubuntu Linux, Debian Linux, Djvulibre and 2 more 2024-11-21 5.5 Medium
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
CVE-2019-15133 3 Canonical, Debian, Giflib Project 3 Ubuntu Linux, Debian Linux, Giflib 2024-11-21 6.5 Medium
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
CVE-2019-15118 5 Canonical, Debian, Linux and 2 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-11-21 5.5 Medium
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2019-15099 3 Canonical, Linux, Redhat 3 Ubuntu Linux, Linux Kernel, Enterprise Linux 2024-11-21 7.5 High
drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15098 5 Canonical, Debian, Linux and 2 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2024-11-21 4.6 Medium
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.