High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-01	CVE-2019-14496	Out-of-bounds Write vulnerability in multiple products LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 has a stack-based buffer overflow. local low complexity milkytracker-project canonical debian CWE-787	7.8
2019-08-01	CVE-2019-14494	Divide By Zero vulnerability in multiple products An issue was discovered in Poppler through 0.78.0. network low complexity freedesktop canonical fedoraproject debian redhat CWE-369	7.5
2019-07-31	CVE-2019-14452	Path Traversal vulnerability in multiple products Sigil before 0.9.16 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. network low complexity sigil-ebook flightcrew-project canonical CWE-22	7.5
2019-07-30	CVE-2019-10161	Missing Authorization vulnerability in multiple products It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. local low complexity redhat canonical CWE-862	7.8
2019-07-26	CVE-2019-13565	An issue was discovered in OpenLDAP 2.x before 2.4.48. network low complexity openldap canonical debian opensuse f5 apple oracle	7.5
2019-07-17	CVE-2019-13619	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. network low complexity wireshark fedoraproject canonical debian opensuse CWE-119	7.5
2019-07-17	CVE-2019-13272	In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). local low complexity linux debian fedoraproject canonical redhat netapp	7.8
2019-07-16	CVE-2019-13616	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. network low complexity libsdl debian opensuse fedoraproject canonical redhat CWE-125	8.1
2019-07-15	CVE-2019-1010006	Integer Overflow or Wraparound vulnerability in multiple products Evince 3.26.0 is affected by buffer overflow. local low complexity gnome canonical debian opensuse CWE-190	7.8
2019-07-14	CVE-2019-13602	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file. local low complexity videolan debian canonical opensuse CWE-191	7.8