Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-26	CVE-2019-6341	Cross-site Scripting vulnerability in multiple products In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. network low complexity drupal debian fedoraproject CWE-79	5.4
2019-03-25	CVE-2019-3874	Resource Exhaustion vulnerability in multiple products The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. low complexity linux debian redhat canonical netapp CWE-400	6.5
2019-03-25	CVE-2019-3838	It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. local low complexity artifex redhat fedoraproject opensuse debian	5.5
2019-03-25	CVE-2019-3835	Missing Authorization vulnerability in multiple products It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. local low complexity artifex redhat fedoraproject debian opensuse CWE-862	5.5
2019-03-25	CVE-2019-10018	Divide By Zero vulnerability in multiple products An issue was discovered in Xpdf 4.01.01. local low complexity xpdfreader debian canonical CWE-369	5.5
2019-03-24	CVE-2019-9956	Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file. network imagemagick debian CWE-787	6.8
2019-03-23	CVE-2019-9942	A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place. network symfony debian	4.3
2019-03-21	CVE-2019-9903	Out-of-bounds Write vulnerability in multiple products PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. network low complexity freedesktop fedoraproject debian canonical redhat CWE-787	6.5
2019-03-21	CVE-2019-7222	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. local low complexity linux fedoraproject opensuse debian canonical netapp redhat	5.5
2019-03-21	CVE-2019-6454	Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787	5.5