High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-28	CVE-2019-9208	NULL Pointer Dereference vulnerability in multiple products In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector could crash. network low complexity wireshark debian CWE-476	7.5
2019-02-27	CVE-2019-9210	Integer Overflow or Wraparound vulnerability in multiple products In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. local low complexity advancemame debian canonical fedoraproject CWE-190	7.8
2019-02-26	CVE-2019-9200	Out-of-bounds Write vulnerability in multiple products A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. network low complexity freedesktop debian canonical CWE-787	8.8
2019-02-22	CVE-2019-9023	Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125	7.5
2019-02-22	CVE-2019-9021	Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125	7.5
2019-02-22	CVE-2019-9020	Use After Free vulnerability in PHP An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-416	7.5
2019-02-21	CVE-2019-8980	Memory Leak vulnerability in multiple products A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures. network low complexity linux canonical opensuse debian CWE-401	7.5
2019-02-20	CVE-2018-5819	Resource Exhaustion vulnerability in multiple products An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources. network low complexity libraw debian CWE-400	7.8
2019-02-20	CVE-2019-7164	SQL Injection vulnerability in multiple products SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injection via the order_by parameter. network low complexity sqlalchemy debian opensuse redhat oracle CWE-89	7.5
2019-02-19	CVE-2019-5783	Improper Input Validation vulnerability in multiple products Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page. network low complexity google debian CWE-20	8.8