High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-06	CVE-2019-3823	Out-of-bounds Read vulnerability in multiple products libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. network low complexity haxx canonical debian netapp oracle CWE-125	7.5
2019-02-06	CVE-2018-16890	Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. network low complexity haxx canonical debian netapp siemens oracle redhat f5 CWE-190	7.5
2019-02-05	CVE-2018-18505	Improper Authentication vulnerability in Mozilla Firefox and Firefox ESR An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. network low complexity mozilla canonical debian redhat CWE-287	7.5
2019-02-05	CVE-2018-18504	Out-of-bounds Read vulnerability in multiple products A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. network low complexity mozilla canonical CWE-125	7.5
2019-02-05	CVE-2018-18501	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. network low complexity mozilla canonical debian redhat CWE-119	7.5
2019-02-05	CVE-2018-18500	Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. network low complexity mozilla canonical debian redhat CWE-416	7.5
2019-02-05	CVE-2018-11803	Access of Uninitialized Pointer vulnerability in multiple products Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. network low complexity apache canonical CWE-824	7.5
2019-02-04	CVE-2019-1000018	Command Injection vulnerability in multiple products rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. local low complexity pizzashack debian fedoraproject canonical CWE-77	7.8
2019-02-03	CVE-2019-7310	Incorrect Conversion between Numeric Types vulnerability in multiple products In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. local low complexity freedesktop canonical debian fedoraproject redhat CWE-681	7.8
2019-01-31	CVE-2018-11790	Incorrect Calculation vulnerability in multiple products When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. local low complexity apache canonical CWE-682	7.8