High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-01	CVE-2019-14494	Divide By Zero vulnerability in multiple products An issue was discovered in Poppler through 0.78.0. network low complexity freedesktop canonical fedoraproject debian redhat CWE-369	7.5
2019-08-01	CVE-2019-14493	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in OpenCV before 4.1.1. network low complexity opencv debian CWE-476	7.5
2019-08-01	CVE-2019-0193	Code Injection vulnerability in multiple products In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. network low complexity apache debian CWE-94	7.2
2019-07-31	CVE-2019-10185	It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. network low complexity icedtea-web-project debian opensuse	8.6
2019-07-31	CVE-2019-10181	It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. network high complexity icedtea-web-project debian opensuse	8.1
2019-07-31	CVE-2019-14459	Integer Overflow or Wraparound vulnerability in multiple products nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). network low complexity nfdump-project debian fedoraproject CWE-190	7.5
2019-07-30	CVE-2019-14439	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. network low complexity fasterxml debian fedoraproject apache redhat oracle CWE-502	7.5
2019-07-26	CVE-2019-13638	OS Command Injection vulnerability in multiple products GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. local low complexity gnu debian CWE-78	7.8
2019-07-26	CVE-2019-13565	An issue was discovered in OpenLDAP 2.x before 2.4.48. network low complexity openldap canonical debian opensuse f5 apple oracle	7.5
2019-07-23	CVE-2019-9811	Injection vulnerability in multiple products As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. network high complexity mozilla debian novell opensuse CWE-74	8.3