High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-15	CVE-2011-2726	Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. network low complexity drupal debian redhat fedoraproject CWE-863	7.5
2019-11-15	CVE-2016-5285	NULL Pointer Dereference vulnerability in multiple products A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. network low complexity mozilla debian redhat suse avaya CWE-476	7.5
2019-11-15	CVE-2014-0021	Chrony before 1.29.1 has traffic amplification in cmdmon protocol network low complexity chrony-project debian fedoraproject	7.5
2019-11-15	CVE-2013-7089	Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak network low complexity clamav debian fedoraproject CWE-200	7.5
2019-11-14	CVE-2012-1155	Information Exposure vulnerability in multiple products Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to network low complexity moodle fedoraproject redhat debian CWE-200	7.5
2019-11-14	CVE-2011-1588	Use of Externally-Controlled Format String vulnerability in multiple products Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. local low complexity xfce opensuse debian CWE-134	7.8
2019-11-14	CVE-2011-1145	Classic Buffer Overflow vulnerability in multiple products The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. local low complexity unixodbc debian opensuse redhat CWE-120	7.8
2019-11-14	CVE-2011-1070	Incorrect Authorization vulnerability in multiple products v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. local low complexity v86d-project debian CWE-863	7.8
2019-11-13	CVE-2010-5108	Incorrect Default Permissions vulnerability in multiple products Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. network low complexity edgewall debian CWE-276	7.5
2019-11-13	CVE-2010-4664	Improper Privilege Management vulnerability in multiple products In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. network low complexity consolekit-project debian redhat CWE-269	8.8