High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-25	CVE-2019-19244	sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. network low complexity sqlite canonical oracle siemens	7.5
2019-11-25	CVE-2012-6639	Improper Privilege Management vulnerability in multiple products An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. network low complexity canonical debian suse CWE-269	8.8
2019-11-25	CVE-2019-19246	Out-of-bounds Read vulnerability in multiple products Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. network low complexity oniguruma-project php fedoraproject canonical debian CWE-125	7.5
2019-11-25	CVE-2019-14822	Missing Authorization vulnerability in multiple products A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. local low complexity ibus-project redhat canonical oracle CWE-862	7.1
2019-11-21	CVE-2012-3543	Improper Input Validation vulnerability in multiple products mono 2.10.x ASP.NET Web Form Hash collision DoS network low complexity mono-project canonical debian CWE-20	7.5
2019-11-20	CVE-2015-3167	Information Exposure vulnerability in multiple products contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack. network low complexity postgresql debian canonical CWE-200	7.5
2019-11-20	CVE-2019-3466	Improper Privilege Management vulnerability in multiple products The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation. local low complexity postgresql canonical debian CWE-269	7.8
2019-11-18	CVE-2019-19079	Memory Leak vulnerability in multiple products A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c in the Linux kernel before 5.3 allows attackers to cause a denial of service (memory consumption), aka CID-a21b7f0cff19. network low complexity linux canonical CWE-401	7.5
2019-11-18	CVE-2019-19078	Memory Leak vulnerability in multiple products A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2. network low complexity linux canonical CWE-401	7.5
2019-11-18	CVE-2019-19075	Memory Leak vulnerability in multiple products A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures, aka CID-6402939ec86e. network low complexity linux canonical CWE-401	7.5