Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-18 CVE-2018-1311 Use After Free vulnerability in multiple products
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs.
network
high complexity
apache redhat debian oracle fedoraproject CWE-416
8.1
2019-12-18 CVE-2019-19880 NULL Pointer Dereference vulnerability in multiple products
exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled.
7.5
2019-12-17 CVE-2019-19816 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.
local
low complexity
linux canonical debian netapp CWE-787
7.8
2019-12-16 CVE-2019-19331 Improper Resource Shutdown or Release vulnerability in multiple products
knot-resolver before version 4.3.0 is vulnerable to denial of service through high CPU utilization.
network
low complexity
nic debian CWE-404
7.5
2019-12-13 CVE-2014-3495 Improper Certificate Validation vulnerability in multiple products
duplicity 0.6.24 has improper verification of SSL certificates.
network
low complexity
debian opensuse CWE-295
7.5
2019-12-12 CVE-2019-12420 Resource Exhaustion vulnerability in multiple products
In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources.
network
low complexity
apache debian CWE-400
7.5
2019-12-12 CVE-2019-17358 Deserialization of Untrusted Data vulnerability in multiple products
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays.
network
low complexity
cacti debian opensuse CWE-502
8.1
2019-12-11 CVE-2019-19583
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case.
network
low complexity
xen fedoraproject opensuse debian
7.5
2019-12-11 CVE-2013-4245 Improper Input Validation vulnerability in multiple products
Orca has arbitrary code execution due to insecure Python module load.
local
low complexity
gnome debian CWE-20
7.3
2019-12-11 CVE-2019-5815 Type Confusion vulnerability in multiple products
Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.
network
low complexity
xmlsoft debian CWE-843
7.5