Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-04	CVE-2019-1000019	Out-of-bounds Read vulnerability in multiple products libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). network low complexity libarchive debian canonical redhat opensuse fedoraproject CWE-125	6.5
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	5.3
2019-02-01	CVE-2016-10741	Race Condition vulnerability in multiple products In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure. local high complexity linux debian CWE-362	4.7
2019-01-31	CVE-2019-7282	In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . network high complexity netkit debian fedoraproject	5.9
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2019-01-29	CVE-2019-7150	Out-of-bounds Read vulnerability in multiple products An issue was discovered in elfutils 0.175. local low complexity elfutils-project debian canonical opensuse redhat CWE-125	5.5
2019-01-29	CVE-2019-7149	Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. network low complexity elfutils-project debian CWE-125	6.5
2019-01-26	CVE-2019-6799	An issue was discovered in phpMyAdmin before 4.8.5. network high complexity phpmyadmin debian	5.9