High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-30	CVE-2018-20750	Out-of-bounds Write vulnerability in multiple products LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. network low complexity libvnc-project canonical debian siemens CWE-787	7.5
2019-01-30	CVE-2018-20749	Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. network low complexity libvnc-project canonical debian siemens CWE-787	7.5
2019-01-30	CVE-2018-20748	Out-of-bounds Write vulnerability in multiple products LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. network low complexity libvnc-project debian canonical siemens CWE-787	7.5
2019-01-29	CVE-2018-16880	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. local high complexity linux canonical CWE-787	7.0
2019-01-28	CVE-2019-3462	Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. network high complexity debian canonical netapp	8.1
2019-01-27	CVE-2019-6977	Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. network low complexity libgd php debian canonical netapp CWE-787	8.8
2019-01-23	CVE-2019-6706	Use After Free vulnerability in multiple products Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. network low complexity lua canonical CWE-416	7.5
2019-01-16	CVE-2019-2534	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle canonical netapp redhat	7.1
2019-01-14	CVE-2019-6251	WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. network low complexity gnome wpewebkit webkitgtk fedoraproject canonical opensuse	8.1