High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-05	CVE-2019-13304	Out-of-bounds Write vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/pnm.c in WritePNMImage because of a misplaced assignment. local low complexity imagemagick debian canonical opensuse CWE-787	7.8
2019-07-05	CVE-2019-13300	Out-of-bounds Write vulnerability in multiple products ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns. network low complexity imagemagick debian canonical opensuse CWE-787	8.8
2019-07-04	CVE-2019-13241	Path Traversal vulnerability in multiple products FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. local low complexity flightcrew-project canonical CWE-22	7.8
2019-07-03	CVE-2019-13164	qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass. local low complexity qemu debian opensuse canonical	7.8
2019-07-01	CVE-2019-13135	Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. network low complexity imagemagick debian canonical f5 CWE-908	8.8
2019-06-27	CVE-2019-5827	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-06-27	CVE-2018-6156	Out-of-bounds Write vulnerability in multiple products Incorect derivation of a packet length in WebRTC in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. network low complexity google canonical CWE-787	8.8
2019-06-25	CVE-2019-12817	Out-of-bounds Write vulnerability in multiple products arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. local high complexity canonical linux fedoraproject debian opensuse redhat CWE-787	7.0
2019-06-24	CVE-2018-20843	XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611	7.5
2019-06-19	CVE-2019-11479	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. network low complexity linux f5 canonical redhat CWE-770	7.5