High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-13	CVE-2010-4661	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. local low complexity udisks-project redhat debian opensuse fedoraproject CWE-434	7.8
2019-11-13	CVE-2010-4657	Missing Release of Resource after Effective Lifetime vulnerability in multiple products PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. network low complexity php redhat debian CWE-772	7.5
2019-11-13	CVE-2010-4654	Injection vulnerability in multiple products poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. local low complexity freedesktop debian CWE-74	7.8
2019-11-13	CVE-2019-18397	Classic Buffer Overflow vulnerability in multiple products A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. local low complexity gnu debian CWE-120	7.8
2019-11-12	CVE-2010-3844	Classic Buffer Overflow vulnerability in multiple products An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack. network low complexity ettercap-project debian CWE-120	8.8
2019-11-12	CVE-2012-1572	Resource Exhaustion vulnerability in multiple products OpenStack Keystone: extremely long passwords can crash Keystone by exhausting stack space network low complexity openstack debian CWE-400	7.5
2019-11-12	CVE-2019-18848	Improper Authentication vulnerability in multiple products The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. network low complexity json-jwt-project debian CWE-287	7.5
2019-11-12	CVE-2011-3618	Link Following vulnerability in multiple products atop: symlink attack possible due to insecure tempfile handling local low complexity atop-project debian CWE-59	7.8
2019-11-07	CVE-2013-1809	Link Following vulnerability in multiple products Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. network low complexity gambas-project debian CWE-59	7.5
2019-11-07	CVE-2007-5743	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. network low complexity viewvc debian CWE-732	7.5