Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-22	CVE-2015-7810	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files local high complexity videolan redhat fedoraproject debian CWE-367	4.7
2019-11-22	CVE-2015-5694	Infinite Loop vulnerability in multiple products Designate does not enforce the DNS protocol limit concerning record set sizes network low complexity openstack redhat debian CWE-835	6.5
2019-11-22	CVE-2019-10206	Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. network low complexity redhat debian opensuse CWE-522	6.5
2019-11-21	CVE-2019-19221	Out-of-bounds Read vulnerability in multiple products In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. local low complexity libarchive debian fedoraproject canonical CWE-125	5.5
2019-11-21	CVE-2019-18890	SQL Injection vulnerability in multiple products A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query. network low complexity redmine debian CWE-89	6.5
2019-11-21	CVE-2014-1935	Improper Input Validation vulnerability in multiple products 9base 1:6-6 and 1:6-7 insecurely creates temporary files which results in predictable filenames. network low complexity 9base-project debian CWE-20	5.3
2019-11-21	CVE-2014-0083	Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. local low complexity net-ldap-project debian CWE-916	5.5
2019-11-21	CVE-2019-19039	Information Exposure Through Log Files vulnerability in multiple products __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. local low complexity linux debian canonical CWE-532	5.5
2019-11-20	CVE-2015-1606	Use After Free vulnerability in multiple products The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file. local low complexity gnupg debian CWE-416	5.5
2019-11-20	CVE-2012-6136	Incorrect Default Permissions vulnerability in multiple products tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes. local low complexity redhat fedoraproject debian CWE-276	5.5