High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-09	CVE-2019-10894	Reachable Assertion vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. network low complexity wireshark fedoraproject debian canonical opensuse CWE-617	7.5
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse netapp redhat oracle CWE-416	7.8
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5
2019-04-08	CVE-2019-11009	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file. network low complexity graphicsmagick opensuse debian CWE-125	8.1
2019-04-08	CVE-2019-11008	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. network low complexity graphicsmagick opensuse debian canonical CWE-787	8.8
2019-04-08	CVE-2019-11007	Out-of-bounds Read vulnerability in multiple products In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap. network low complexity graphicsmagick opensuse debian canonical CWE-125	8.1
2019-04-04	CVE-2018-10242	Out-of-bounds Read vulnerability in multiple products Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. network low complexity oisf debian CWE-125	7.5
2019-03-30	CVE-2019-10650	Out-of-bounds Read vulnerability in multiple products In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file. network low complexity imagemagick debian CWE-125	8.1
2019-03-28	CVE-2019-0222	In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. network low complexity apache netapp oracle debian	7.5
2019-03-28	CVE-2019-7524	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. local low complexity dovecot debian canonical opensuse CWE-119	7.8