Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-03	CVE-2019-15165	Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. network low complexity tcpdump debian opensuse oracle apple canonical fedoraproject CWE-770	5.3
2019-09-28	CVE-2019-16935	Cross-site Scripting vulnerability in multiple products The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. network low complexity python debian canonical CWE-79	6.1
2019-09-27	CVE-2019-9433	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible information disclosure due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5
2019-09-27	CVE-2019-9371	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible resource exhaustion due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5
2019-09-27	CVE-2019-9325	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical fedoraproject opensuse debian CWE-125	6.5
2019-09-26	CVE-2019-10092	Cross-site Scripting vulnerability in multiple products In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. network low complexity apache opensuse debian redhat fedoraproject canonical netapp oracle CWE-79	6.1
2019-09-25	CVE-2017-18635	Cross-site Scripting vulnerability in multiple products An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. network low complexity novnc debian canonical redhat CWE-79	6.1
2019-09-25	CVE-2019-13627	Information Exposure Through Discrepancy vulnerability in multiple products It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. local high complexity canonical opensuse libgcrypt20-project CWE-203	6.3
2019-09-24	CVE-2019-5094	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. local low complexity e2fsprogs-project debian fedoraproject canonical netapp CWE-787	6.7
2019-09-23	CVE-2019-16713	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. network low complexity imagemagick canonical opensuse debian CWE-401	6.5