High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-13729	Use After Free vulnerability in multiple products Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2019-13728	Out-of-bounds Write vulnerability in multiple products Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-787	8.8
2019-12-10	CVE-2019-13727	Improper Preservation of Permissions vulnerability in multiple products Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-281	8.8
2019-12-10	CVE-2019-13726	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-119	8.8
2019-12-10	CVE-2019-13725	Use After Free vulnerability in multiple products Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-416	8.8
2019-12-10	CVE-2013-4133	Improper Resource Shutdown or Release vulnerability in multiple products kde-workspace before 4.10.5 has a memory leak in plasma desktop network low complexity kde debian CWE-404	7.5
2019-12-08	CVE-2019-19630	Out-of-bounds Write vulnerability in multiple products HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document. local low complexity htmldoc-project debian fedoraproject CWE-787	7.8
2019-12-08	CVE-2019-19448	Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. local low complexity linux debian canonical netapp CWE-416	7.8
2019-12-06	CVE-2012-2130	Inadequate Encryption Strength vulnerability in multiple products A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. network high complexity polarssl debian fedoraproject CWE-326	7.4
2019-12-05	CVE-2019-16770	In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. network low complexity puma debian	7.5