High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-19	CVE-2019-19906	Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. network low complexity cyrusimap debian canonical fedoraproject redhat apple apache CWE-193	7.5
2019-12-18	CVE-2018-1311	Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. network high complexity apache redhat debian oracle fedoraproject CWE-416	8.1
2019-12-13	CVE-2014-0212	Resource Exhaustion vulnerability in Apache Qpid-Cpp qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors network low complexity apache CWE-400	7.5
2019-12-12	CVE-2019-12420	Resource Exhaustion vulnerability in multiple products In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. network low complexity apache debian CWE-400	7.5
2019-12-09	CVE-2019-19603	SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. network low complexity sqlite oracle siemens apache netapp	7.5
2019-12-05	CVE-2012-1592	Unrestricted Upload of File with Dangerous Type vulnerability in Apache Struts 2.0.0 A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. network low complexity apache CWE-434	8.8
2019-12-04	CVE-2019-17555	Improper Input Validation vulnerability in Apache Olingo The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to 4.6.0 reads the Retry-After header and passes it to the Thread.sleep() method without any check. network low complexity apache CWE-20	7.5
2019-12-03	CVE-2016-1000104	Improper Input Validation vulnerability in multiple products A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. network low complexity apache opensuse CWE-20	8.8
2019-11-27	CVE-2011-2177	Unspecified vulnerability in Apache Openoffice 3.3.0 OpenOffice.org v3.3 allows execution of arbitrary code with the privileges of the user running the OpenOffice.org suite tools. local low complexity apache	7.8
2019-11-26	CVE-2011-3600	XXE vulnerability in Apache Ofbiz The /webtools/control/xmlrpc endpoint in OFBiz XML-RPC event handler is exposed to External Entity Injection by passing DOCTYPE declarations with executable payloads that discloses the contents of files in the filesystem. network low complexity apache CWE-611	7.5