High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-31	CVE-2019-5010	NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. network low complexity python opensuse debian redhat CWE-476	7.5
2019-10-31	CVE-2013-1910	Improper Input Validation vulnerability in multiple products yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. network low complexity baseurl debian CWE-20	7.5
2019-10-31	CVE-2009-5043	Improper Handling of Exceptional Conditions vulnerability in multiple products burn allows file names to escape via mishandled quotation marks network low complexity burn-project debian CWE-755	7.5
2019-10-31	CVE-2009-5041	Classic Buffer Overflow vulnerability in Debian Overkill overkill has buffer overflow via long player names that can corrupt data on the server machine network low complexity debian CWE-120	7.5
2019-10-31	CVE-2019-18423	Off-by-one Error vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. network low complexity xen debian fedoraproject CWE-193	8.8
2019-10-31	CVE-2019-18422	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. network low complexity xen debian fedoraproject CWE-732	8.8
2019-10-31	CVE-2019-18421	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. network high complexity xen debian fedoraproject opensuse CWE-362	7.5
2019-10-30	CVE-2010-0748	Improper Input Validation vulnerability in multiple products Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. network low complexity transmissionbt linux debian CWE-20	7.5
2019-10-24	CVE-2019-17596	Interpretation Conflict vulnerability in multiple products Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. network low complexity golang debian fedoraproject redhat opensuse arista CWE-436	7.5
2019-10-24	CVE-2019-18408	Use After Free vulnerability in multiple products archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol. network low complexity libarchive debian canonical CWE-416	7.5