Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-05	CVE-2012-1115	Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. network low complexity ldap-account-manager fedoraproject debian CWE-79	6.1
2019-12-05	CVE-2012-1114	Cross-site Scripting vulnerability in multiple products A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. network low complexity ldap-account-manager fedoraproject debian CWE-79	6.1
2019-12-05	CVE-2012-1105	Information Exposure vulnerability in multiple products An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. local low complexity apereo fedoraproject debian CWE-200	5.5
2019-12-05	CVE-2012-1104	Improper Privilege Management vulnerability in multiple products A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed. network low complexity apereo debian CWE-269	5.3
2019-12-05	CVE-2013-0326	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products OpenStack nova base images permissions are world readable local low complexity openstack debian CWE-732	5.5
2019-12-03	CVE-2015-7542	Cleartext Transmission of Sensitive Information vulnerability in multiple products A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. network low complexity aquamaniac debian opensuse CWE-319	5.3
2019-12-03	CVE-2019-19536	Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver, aka CID-ead16e53c2f0. low complexity linux debian opensuse CWE-909	4.6
2019-12-03	CVE-2019-19535	Missing Initialization of Resource vulnerability in multiple products In the Linux kernel before 5.2.9, there is an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver, aka CID-30a8beeb3042. low complexity linux debian opensuse oracle CWE-909	4.6
2019-12-03	CVE-2019-19531	Use After Free vulnerability in multiple products In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca. low complexity linux debian opensuse CWE-416	6.8
2019-12-03	CVE-2019-19530	Use After Free vulnerability in multiple products In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef. low complexity linux debian opensuse CWE-416	4.6