High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-08	CVE-2019-11007	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. network low complexity graphicsmagick opensuse debian canonical CWE-125	8.1
2019-04-07	CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. network low complexity palletsprojects fedoraproject canonical redhat opensuse	8.6
2019-04-01	CVE-2019-8956	Use After Free vulnerability in multiple products In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory. local low complexity linux canonical CWE-416	7.8
2019-03-28	CVE-2019-7524	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. local low complexity dovecot debian canonical opensuse CWE-119	7.8
2019-03-27	CVE-2019-3821	Missing Release of Resource after Effective Lifetime vulnerability in multiple products A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. network low complexity ceph canonical CWE-772	7.5
2019-03-26	CVE-2019-3878	Improper Authentication vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network high complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-287	8.1
2019-03-22	CVE-2019-9924	Missing Authorization vulnerability in multiple products rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. local low complexity gnu debian opensuse netapp canonical CWE-862	7.8
2019-03-21	CVE-2019-7221	Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. local low complexity linux opensuse fedoraproject debian canonical netapp redhat CWE-416	7.8
2019-03-21	CVE-2019-6778	Out-of-bounds Write vulnerability in multiple products In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. local low complexity qemu opensuse fedoraproject canonical CWE-787	7.8
2019-03-21	CVE-2019-6690	Improper Input Validation vulnerability in multiple products python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. network low complexity python debian opensuse suse canonical CWE-20	7.5