Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-19	CVE-2019-5765	Cleartext Storage of Sensitive Information vulnerability in multiple products An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. local low complexity google redhat debian fedoraproject CWE-312	5.5
2019-02-19	CVE-2019-5754	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. network low complexity google redhat fedoraproject debian CWE-327	6.5
2019-02-18	CVE-2019-8905	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. local low complexity debian file-project canonical opensuse CWE-125	4.4
2019-02-17	CVE-2016-10742	Open Redirect vulnerability in multiple products Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter. network low complexity zabbix debian CWE-601	6.1
2019-02-15	CVE-2019-8354	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in SoX 14.4.2. local low complexity sound-exchange-project debian canonical CWE-190	5.0
2019-02-11	CVE-2018-15587	Improper Verification of Cryptographic Signature vulnerability in multiple products GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment. network low complexity gnome debian CWE-347	6.5
2019-02-09	CVE-2019-7665	Out-of-bounds Read vulnerability in multiple products In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. local low complexity elfutils-project debian canonical opensuse redhat CWE-125	5.5
2019-02-09	CVE-2019-7663	An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. network low complexity libtiff debian canonical opensuse	6.5
2019-02-05	CVE-2018-18506	When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. network high complexity mozilla canonical debian redhat opensuse	5.9
2019-02-04	CVE-2019-1000020	Infinite Loop vulnerability in multiple products libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. network low complexity libarchive canonical debian redhat opensuse fedoraproject CWE-835	6.5