Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-23	CVE-2019-5798	Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat opensuse canonical suse CWE-125	6.5
2019-05-20	CVE-2019-12221	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject canonical opensuse debian CWE-787	6.5
2019-05-20	CVE-2019-12216	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject debian canonical CWE-787	6.5
2019-05-20	CVE-2019-12213	Uncontrolled Recursion vulnerability in multiple products When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. network low complexity freeimage-project canonical debian fedoraproject CWE-674	6.5
2019-05-15	CVE-2019-11833	Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. local low complexity linux fedoraproject debian canonical redhat CWE-908	5.5
2019-04-24	CVE-2019-3882	A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. local low complexity linux fedoraproject debian canonical opensuse netapp	5.5
2019-04-24	CVE-2019-11498	Access of Uninitialized Pointer vulnerability in multiple products WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. network low complexity wavpack canonical fedoraproject debian CWE-824	6.5
2019-04-23	CVE-2019-2684	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network high complexity oracle redhat opensuse debian apache canonical hp	5.9
2019-04-23	CVE-2019-2683	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). network low complexity oracle canonical redhat	4.9
2019-04-23	CVE-2019-2628	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb opensuse redhat	4.9