Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-24	CVE-2019-12384	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. network high complexity fasterxml debian redhat CWE-502	5.9
2019-06-19	CVE-2019-12814	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. network high complexity fasterxml debian CWE-502	5.9
2019-06-19	CVE-2019-11040	Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. network low complexity php redhat opensuse debian CWE-125	6.4
2019-06-19	CVE-2019-11039	Out-of-bounds Read vulnerability in multiple products Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. network low complexity php redhat opensuse debian CWE-125	6.4
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-17	CVE-2019-8323	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-74	5.0
2019-06-17	CVE-2019-8322	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-74	5.0
2019-06-17	CVE-2019-8321	Argument Injection or Modification vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-88	5.0
2019-06-17	CVE-2019-8325	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems opensuse debian CWE-74	5.0
2019-06-17	CVE-2019-8324	Code Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network rubygems debian opensuse redhat CWE-94	6.8