Vulnerabilities > Debian > Debian Linux > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-20 CVE-2015-3167 Information Exposure vulnerability in multiple products
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.
network
low complexity
postgresql debian canonical CWE-200
7.5
2019-11-20 CVE-2013-1817 Information Exposure vulnerability in multiple products
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
network
low complexity
mediawiki debian redhat fedoraproject CWE-200
7.5
2019-11-20 CVE-2013-1816 Improper Input Validation vulnerability in multiple products
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
network
low complexity
mediawiki debian redhat fedoraproject CWE-20
7.5
2019-11-20 CVE-2019-3466 Improper Privilege Management vulnerability in multiple products
The pg_ctlcluster script in postgresql-common in versions prior to 210 didn't drop privileges when creating socket/statistics temporary directories, which could result in local privilege escalation.
local
low complexity
postgresql canonical debian CWE-269
7.8
2019-11-20 CVE-2011-0529 Improper Input Validation vulnerability in multiple products
Weborf before 0.12.5 is affected by a Denial of Service (DoS) due to malformed fields in HTTP.
network
low complexity
weborf-project debian CWE-20
7.5
2019-11-19 CVE-2012-6071 Improper Certificate Validation vulnerability in multiple products
nuSOAP before 0.7.3-5 does not properly check the hostname of a certificate.
network
low complexity
nusoap-project debian CWE-295
7.5
2019-11-19 CVE-2014-5439 Out-of-bounds Write vulnerability in multiple products
Multiple stack-based buffer overflow vulnerabilities exist in Sniffit prior to 0.3.7 via a crafted configuration file that will bypass the Non-eXecutable bit (NX), stack smashing protector (SSP), and address space layout randomization (ASLR) protection mechanisms, which could let a malicious user execute arbitrary code.
local
low complexity
sniffit-project debian CWE-787
7.8
2019-11-18 CVE-2019-10172 A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries.
network
low complexity
fasterxml redhat debian apache
7.5
2019-11-18 CVE-2019-19074 Memory Leak vulnerability in multiple products
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
network
low complexity
linux debian canonical CWE-401
7.5
2019-11-18 CVE-2019-19052 Memory Leak vulnerability in multiple products
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
7.5