19.10

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2914	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). network low complexity oracle canonical fedoraproject netapp	6.5
2019-10-16	CVE-2019-2911	Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). network low complexity oracle canonical fedoraproject netapp	2.7
2019-10-16	CVE-2019-2910	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). network high complexity oracle canonical netapp	3.7
2019-10-16	CVE-2019-2894	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). network high complexity oracle debian opensuse mcafee canonical	3.7
2019-10-09	CVE-2019-17402	Classic Buffer Overflow vulnerability in multiple products Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size. network low complexity exiv2 debian canonical CWE-120	6.5
2019-09-27	CVE-2019-9278	Integer Overflow or Wraparound vulnerability in multiple products In libexif, there is a possible out of bounds write due to an integer overflow. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-09-25	CVE-2019-16884	Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. network low complexity linuxfoundation docker fedoraproject opensuse redhat canonical CWE-863	7.5
2019-09-25	CVE-2019-13627	Information Exposure Through Discrepancy vulnerability in multiple products It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. local high complexity canonical opensuse libgcrypt20-project CWE-203	6.3
2019-09-24	CVE-2019-12068	Infinite Loop vulnerability in multiple products In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances 's->dsp' index to read next opcode. local low complexity qemu canonical opensuse CWE-835	3.8
2019-09-24	CVE-2019-16746	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. network low complexity linux debian canonical fedoraproject opensuse CWE-120 critical	9.8