High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-26	CVE-2019-18679	Information Exposure vulnerability in multiple products An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. network low complexity squid-cache canonical debian fedoraproject CWE-200	7.5
2019-11-26	CVE-2019-18676	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8. network low complexity squid-cache canonical fedoraproject debian CWE-787	7.5
2019-11-26	CVE-2011-4082	Resource Exhaustion vulnerability in multiple products A local file inclusion flaw was found in the way the phpLDAPadmin before 0.9.8 processed certain values of the "Accept-Language" HTTP header. network low complexity phpldapadmin-project debian CWE-400	7.5
2019-11-26	CVE-2011-3632	Link Following vulnerability in multiple products Hardlink before 0.1.2 operates on full file system objects path names which can allow a local attacker to use this flaw to conduct symlink attacks. local low complexity hardlink-project redhat debian CWE-59	7.1
2019-11-26	CVE-2011-3631	Integer Overflow or Wraparound vulnerability in multiple products Hardlink before 0.1.2 has multiple integer overflows leading to heap-based buffer overflows because of the way string lengths concatenation is done in the calculation of the required memory space to be used. network low complexity hardlink-project redhat debian CWE-190	8.8
2019-11-26	CVE-2011-3630	Out-of-bounds Write vulnerability in multiple products Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. network low complexity hardlink-project redhat debian CWE-787	8.8
2019-11-26	CVE-2011-3596	Reachable Assertion vulnerability in multiple products Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. network low complexity polipo-project debian CWE-617	7.5
2019-11-25	CVE-2012-6639	Improper Privilege Management vulnerability in multiple products An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data. network low complexity canonical debian suse CWE-269	8.8
2019-11-25	CVE-2019-19246	Out-of-bounds Read vulnerability in multiple products Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c. network low complexity oniguruma-project php fedoraproject canonical debian CWE-125	7.5
2019-11-25	CVE-2015-1396	Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. network low complexity gnu debian CWE-22	7.5