High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-25	CVE-2018-16881	Integer Overflow or Wraparound vulnerability in multiple products A denial of service vulnerability was found in rsyslog in the imptcp module. network low complexity rsyslog redhat debian CWE-190	7.5
2019-01-24	CVE-2019-6486	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks. network low complexity golang debian opensuse CWE-770	8.2
2019-01-22	CVE-2019-6338	Deserialization of Untrusted Data vulnerability in multiple products In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8.5.x prior to 8.5.9; Drupal core uses the third-party PEAR Archive_Tar library. network low complexity drupal debian CWE-502	8.0
2019-01-16	CVE-2017-3145	Use After Free vulnerability in multiple products BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. network low complexity isc redhat debian netapp juniper CWE-416	7.5
2019-01-16	CVE-2018-20721	Out-of-bounds Read vulnerability in multiple products URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParseEx functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a "//[::44.1" address. network low complexity uriparser-project debian CWE-125	7.5
2019-01-14	CVE-2019-6256	Improper Handling of Exceptional Conditions vulnerability in multiple products A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. network low complexity live555 debian CWE-755	7.5
2019-01-11	CVE-2018-16865	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. local low complexity systemd-project redhat debian canonical oracle CWE-770	7.8
2019-01-11	CVE-2018-16864	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. local low complexity systemd-project redhat debian canonical oracle CWE-770	7.8
2019-01-11	CVE-2019-6128	Memory Leak vulnerability in multiple products The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. network low complexity libtiff canonical opensuse debian CWE-401	8.8
2019-01-09	CVE-2018-6174	Integer Overflow or Wraparound vulnerability in multiple products Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page. network low complexity google debian redhat CWE-190	8.8