High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-12	CVE-2010-3438	Use of Externally-Controlled Format String vulnerability in multiple products libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. network low complexity libpoe-component-irc-perl-project debian fedoraproject CWE-134	7.5
2019-11-12	CVE-2011-2897	Improper Input Validation vulnerability in multiple products gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw network low complexity gnome redhat debian CWE-20	7.5
2019-11-08	CVE-2008-7291	Exposure of Resource to Wrong Sphere vulnerability in multiple products gri before 2.12.18 generates temporary files in an insecure way. network low complexity gri-project debian CWE-668	7.5
2019-11-07	CVE-2007-6745	clamav 0.91.2 suffers from a floating point exception when using ScanOLE2. network low complexity clamav debian	7.5
2019-11-07	CVE-2019-3465	Improper Verification of Cryptographic Signature vulnerability in multiple products Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by creating a crafted XML message. network low complexity xmlseclibs-project debian simplesamlphp CWE-347	8.8
2019-11-07	CVE-2019-18804	NULL Pointer Dereference vulnerability in multiple products DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. network low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-476	7.5
2019-11-06	CVE-2007-0899	Out-of-bounds Write vulnerability in multiple products There is a possible heap overflow in libclamav/fsg.c before 0.100.0. network low complexity clamav debian CWE-787	7.5
2019-11-04	CVE-2005-4890	Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". local low complexity debian sudo-project redhat CWE-20	7.2
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-11-04	CVE-2013-4412	NULL Pointer Dereference vulnerability in multiple products slim has NULL pointer dereference when using crypt() method from glibc 2.17 network low complexity berlios debian CWE-476	7.5