High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-05	CVE-2019-7398	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7397	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. network low complexity imagemagick graphicsmagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7396	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7395	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-02-04	CVE-2019-1000018	Command Injection vulnerability in multiple products rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. local low complexity pizzashack debian fedoraproject canonical CWE-77	7.8
2019-02-04	CVE-2019-3813	Off-by-one Error vulnerability in multiple products Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. high complexity spice-project redhat debian canonical CWE-193	7.5
2019-02-04	CVE-2019-3461	Race Condition vulnerability in Debian Linux and Tmpreaper Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. local high complexity debian CWE-362	7.0
2019-02-03	CVE-2019-7310	Incorrect Conversion between Numeric Types vulnerability in multiple products In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo. local low complexity freedesktop canonical debian fedoraproject redhat CWE-681	7.8
2019-01-31	CVE-2019-7283	An issue was discovered in rcp in NetKit through 0.17. network high complexity netkit debian	7.4
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5