Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-18978 Path Traversal vulnerability in multiple products
An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby.
network
low complexity
rack-cors-project debian canonical CWE-22
5.3
2019-11-14 CVE-2018-12207 Improper Input Validation vulnerability in multiple products
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
6.5
2019-11-14 CVE-2019-11139 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
local
low complexity
debian opensuse intel CWE-754
6.0
2019-11-14 CVE-2019-11135
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
6.5
2019-11-14 CVE-2011-1490 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset.
local
low complexity
rsyslog debian opensuse CWE-772
5.5
2019-11-14 CVE-2011-1489 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset.
local
low complexity
rsyslog opensuse debian CWE-772
5.5
2019-11-14 CVE-2011-1488 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are logged when $RepeatedMsgReduction was enabled.
local
low complexity
rsyslog opensuse debian CWE-772
5.5
2019-11-14 CVE-2011-1136 Link Following vulnerability in multiple products
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
local
high complexity
tesseract-project debian CWE-59
4.7
2019-11-14 CVE-2011-0544 Cross-site Scripting vulnerability in multiple products
phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag.
network
low complexity
phpbb debian CWE-79
6.1
2019-11-13 CVE-2010-4817 Link Following vulnerability in multiple products
pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.
local
low complexity
pithos-project debian CWE-59
5.5