Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-26	CVE-2011-3617	Incorrect Authorization vulnerability in multiple products Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some cases. network low complexity tahoe-lafs debian CWE-863	6.5
2019-11-25	CVE-2012-5644	Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory local low complexity libuser-project fedoraproject redhat debian CWE-200	5.5
2019-11-25	CVE-2012-5521	Reachable Assertion vulnerability in multiple products quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal low complexity quagga debian redhat CWE-617	6.5
2019-11-22	CVE-2019-18790	Missing Authorization vulnerability in multiple products An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. network low complexity digium debian CWE-862	6.5
2019-11-22	CVE-2012-0812	Cross-site Scripting vulnerability in multiple products PostfixAdmin 2.3.4 has multiple XSS vulnerabilities network low complexity postfix-admin-project debian CWE-79	6.1
2019-11-22	CVE-2015-7810	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files local high complexity videolan redhat fedoraproject debian CWE-367	4.7
2019-11-22	CVE-2015-5694	Infinite Loop vulnerability in multiple products Designate does not enforce the DNS protocol limit concerning record set sizes network low complexity openstack redhat debian CWE-835	6.5
2019-11-22	CVE-2019-10206	Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. network low complexity redhat debian opensuse CWE-522	6.5
2019-11-21	CVE-2019-19221	Out-of-bounds Read vulnerability in multiple products In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. local low complexity libarchive debian fedoraproject canonical CWE-125	5.5
2019-11-21	CVE-2019-18890	SQL Injection vulnerability in multiple products A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. network low complexity redmine debian CWE-89	6.5