High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-28	CVE-2019-7524	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. local low complexity dovecot debian canonical opensuse CWE-119	7.8
2019-03-27	CVE-2019-5419	Allocation of Resources Without Limits or Throttling vulnerability in multiple products There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. network low complexity rubyonrails debian redhat opensuse fedoraproject CWE-770	7.5
2019-03-27	CVE-2019-5418	There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. network low complexity rubyonrails debian redhat opensuse fedoraproject	7.5
2019-03-25	CVE-2019-3857	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8
2019-03-25	CVE-2019-3856	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8
2019-03-25	CVE-2019-3863	Out-of-bounds Write vulnerability in multiple products A flaw was found in libssh2 before 1.8.1. network low complexity libssh2 debian netapp opensuse redhat CWE-787	8.8
2019-03-22	CVE-2019-9924	Missing Authorization vulnerability in multiple products rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. local low complexity gnu debian opensuse netapp canonical CWE-862	7.2
2019-03-21	CVE-2019-3855	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. network low complexity libssh2 fedoraproject debian netapp redhat opensuse apple oracle CWE-190	8.8
2019-03-21	CVE-2019-9897	Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. network low complexity putty fedoraproject debian netapp opensuse	7.5
2019-03-21	CVE-2019-9894	Key Management Errors vulnerability in multiple products A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. network low complexity putty fedoraproject debian netapp opensuse CWE-320	7.5