Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-17024	Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. network mozilla canonical debian redhat opensuse CWE-787	6.8
2020-01-08	CVE-2019-17023	Improper Authentication vulnerability in multiple products After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. network low complexity mozilla canonical debian CWE-287	6.5
2020-01-08	CVE-2019-17022	Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. network mozilla canonical debian redhat CWE-79	4.3
2020-01-08	CVE-2019-17017	Type Confusion vulnerability in Mozilla Firefox and Firefox ESR Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. network mozilla canonical debian redhat CWE-843	6.8
2020-01-08	CVE-2019-17016	Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. network mozilla debian canonical redhat CWE-79	4.3
2020-01-08	CVE-2019-11745	Out-of-bounds Write vulnerability in multiple products When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. network mozilla opensuse canonical debian redhat siemens CWE-787	6.8
2020-01-08	CVE-2020-0009	Incorrect Default Permissions vulnerability in multiple products In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. local low complexity google debian CWE-276	5.5
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-06	CVE-2019-18179	An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. network low complexity otrs debian opensuse	4.3
2020-01-06	CVE-2019-18792	Code Injection vulnerability in multiple products An issue was discovered in Suricata 5.0.0. network low complexity suricata-ids debian CWE-94	6.4