Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-15	CVE-2014-0021	Remote Denial of Service vulnerability in Chrony cmdmon Protocol Amplification Chrony before 1.29.1 has traffic amplification in cmdmon protocol network low complexity chrony-project debian fedoraproject	5.0
2019-11-15	CVE-2013-7089	Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak network low complexity clamav debian fedoraproject CWE-200	5.0
2019-11-15	CVE-2013-4584	Improper Handling of Exceptional Conditions vulnerability in multiple products Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. network high complexity horms debian CWE-755	5.9
2019-11-14	CVE-2019-18978	Path Traversal vulnerability in multiple products An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. network low complexity rack-cors-project debian canonical CWE-22	5.0
2019-11-14	CVE-2018-12207	Improper Input Validation vulnerability in multiple products Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. local low complexity intel debian opensuse fedoraproject canonical f5 redhat oracle CWE-20	6.5
2019-11-14	CVE-2019-11139	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. local low complexity debian opensuse intel CWE-754	6.0
2019-11-14	CVE-2019-11135	TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local low complexity opensuse fedoraproject slackware hp intel canonical debian redhat oracle	6.5
2019-11-14	CVE-2012-1155	Information Exposure vulnerability in multiple products Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to network low complexity moodle fedoraproject redhat debian CWE-200	5.0
2019-11-14	CVE-2011-1588	Use of Externally-Controlled Format String vulnerability in multiple products Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error. network xfce opensuse debian CWE-134	6.8
2019-11-14	CVE-2011-1145	Classic Buffer Overflow vulnerability in multiple products The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. local low complexity unixodbc debian opensuse redhat CWE-120	4.6