Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-23	CVE-2019-2627	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle canonical mariadb opensuse redhat	4.9
2019-04-23	CVE-2019-2614	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network high complexity oracle canonical mariadb redhat fedoraproject opensuse	4.4
2019-04-23	CVE-2019-2592	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). network low complexity oracle canonical fedoraproject redhat	4.9
2019-04-23	CVE-2019-2581	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle canonical fedoraproject redhat	4.9
2019-04-23	CVE-2019-2566	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Audit Plug-in). network low complexity oracle canonical	4.9
2019-04-23	CVE-2019-11474	Incorrect Calculation vulnerability in multiple products coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. network low complexity graphicsmagick fedoraproject debian canonical opensuse CWE-682	6.5
2019-04-22	CVE-2019-11459	Use of Uninitialized Resource vulnerability in multiple products The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. local low complexity gnome canonical fedoraproject debian redhat opensuse CWE-908	5.5
2019-04-22	CVE-2019-11454	Cross-site Scripting vulnerability in multiple products Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. network low complexity mmonit debian canonical fedoraproject CWE-79	6.1
2019-04-22	CVE-2015-1343	Information Exposure Through Log Files vulnerability in Canonical Ubuntu Linux 15.10 All versions of unity-scope-gdrive logs search terms to syslog. network low complexity canonical CWE-532	5.3
2019-04-18	CVE-2018-16878	Resource Exhaustion vulnerability in multiple products A flaw was found in pacemaker up to and including version 2.0.1. local low complexity clusterlabs canonical fedoraproject debian opensuse redhat CWE-400	5.5