High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-03	CVE-2018-14463	Out-of-bounds Read vulnerability in multiple products The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. network low complexity tcpdump redhat debian opensuse fedoraproject f5 apple CWE-125	7.5
2019-10-03	CVE-2018-14462	Out-of-bounds Read vulnerability in multiple products The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). network low complexity tcpdump redhat debian opensuse fedoraproject f5 apple CWE-125	7.5
2019-10-03	CVE-2018-14461	Out-of-bounds Read vulnerability in multiple products The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). network low complexity tcpdump redhat debian opensuse fedoraproject apple CWE-125	7.5
2019-09-30	CVE-2019-16276	HTTP Request Smuggling vulnerability in multiple products Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. network low complexity golang debian opensuse fedoraproject redhat netapp CWE-444	7.5
2019-09-27	CVE-2019-9278	Integer Overflow or Wraparound vulnerability in multiple products In libexif, there is a possible out of bounds write due to an integer overflow. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-09-27	CVE-2019-9232	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical opensuse fedoraproject debian CWE-125	7.5
2019-09-27	CVE-2019-8075	Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. network low complexity adobe google debian fedoraproject	7.5
2019-09-26	CVE-2019-16869	HTTP Request Smuggling vulnerability in multiple products Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. network low complexity netty debian canonical redhat CWE-444	7.5
2019-09-25	CVE-2019-15941	Incorrect Authorization vulnerability in multiple products OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. network low complexity lemonldap-ng debian CWE-863	7.5
2019-09-24	CVE-2019-16729	pam-python before 1.0.7-1 has an issue in regard to the default environment variable handling of Python, which could allow for local root escalation in certain PAM setups. local low complexity pam-python-project debian canonical	7.8