High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-07	CVE-2019-3465	Improper Verification of Cryptographic Signature vulnerability in multiple products Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message. network low complexity xmlseclibs-project debian simplesamlphp CWE-347	8.8
2019-11-07	CVE-2019-18804	NULL Pointer Dereference vulnerability in multiple products DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. network low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-476	7.5
2019-11-06	CVE-2007-0899	Out-of-bounds Write vulnerability in multiple products There is a possible heap overflow in libclamav/fsg.c before 0.100.0. network low complexity clamav debian CWE-787	7.5
2019-11-04	CVE-2005-4890	Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". local low complexity debian sudo-project redhat CWE-20	7.2
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-11-04	CVE-2013-4412	NULL Pointer Dereference vulnerability in multiple products slim has NULL pointer dereference when using crypt() method from glibc 2.17 network low complexity berlios debian CWE-476	7.5
2019-11-01	CVE-2013-2739	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products MiniDLNA has heap-based buffer overflow network low complexity readymedia-project debian CWE-119	7.5
2019-10-31	CVE-2019-5010	NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. network low complexity python opensuse debian redhat CWE-476	7.5
2019-10-31	CVE-2013-1910	Improper Input Validation vulnerability in multiple products yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. network low complexity baseurl debian CWE-20	7.5
2019-10-31	CVE-2009-5043	Improper Handling of Exceptional Conditions vulnerability in multiple products burn allows file names to escape via mishandled quotation marks network low complexity burn-project debian CWE-755	7.5