Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-17016	Cross-site Scripting vulnerability in Mozilla Firefox and Firefox ESR When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. network mozilla debian canonical redhat CWE-79	4.3
2020-01-08	CVE-2019-11745	Out-of-bounds Write vulnerability in multiple products When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. network mozilla opensuse canonical debian redhat siemens CWE-787	6.8
2020-01-08	CVE-2020-0009	Incorrect Default Permissions vulnerability in multiple products In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. local low complexity google debian CWE-276	5.5
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-06	CVE-2019-18179	An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. network low complexity otrs debian opensuse	4.3
2020-01-02	CVE-2014-8182	Off-by-one Error vulnerability in multiple products An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. network openldap debian CWE-193	4.3
2020-01-02	CVE-2014-6275	Information Exposure vulnerability in multiple products FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. network fusionforge debian CWE-200	4.3
2020-01-02	CVE-2013-4532	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. local low complexity qemu canonical debian CWE-119	4.6
2020-01-02	CVE-2019-14864	Improper Output Neutralization for Logs vulnerability in multiple products Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. network low complexity redhat debian opensuse CWE-117	4.0
2020-01-02	CVE-2019-20208	Out-of-bounds Write vulnerability in multiple products dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. local low complexity gpac debian CWE-787	5.5