Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-24	CVE-2019-5094	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. local low complexity e2fsprogs-project debian fedoraproject canonical netapp CWE-787	6.7
2019-09-24	CVE-2019-16728	Cross-site Scripting vulnerability in multiple products DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (mXSS) for an SVG element or a MATH element, as demonstrated by Chrome and Safari. network low complexity cure53 debian CWE-79	6.1
2019-09-23	CVE-2019-16713	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrated by PingImage in MagickCore/constitute.c. network low complexity imagemagick canonical opensuse debian CWE-401	6.5
2019-09-23	CVE-2019-16711	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in coders/ps2.c. network low complexity imagemagick debian opensuse canonical CWE-401	6.5
2019-09-23	CVE-2019-16710	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c. network low complexity imagemagick debian opensuse canonical CWE-401	6.5
2019-09-23	CVE-2019-16708	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage. network low complexity imagemagick canonical opensuse debian CWE-401	6.5
2019-09-21	CVE-2019-16680	Path Traversal vulnerability in multiple products An issue was discovered in GNOME file-roller before 3.29.91. network low complexity gnome redhat debian canonical CWE-22	4.3
2019-09-19	CVE-2019-11779	Uncontrolled Recursion vulnerability in multiple products In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. network low complexity eclipse canonical opensuse fedoraproject debian CWE-674	6.5
2019-09-17	CVE-2019-16394	Information Exposure Through Discrepancy vulnerability in multiple products SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messages from the password-reminder page depending on whether an e-mail address exists, which might help attackers to enumerate subscribers. network low complexity spip debian canonical CWE-203	5.3
2019-09-17	CVE-2019-16393	Open Redirect vulnerability in multiple products SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ecrire/inc/headers.php with a %0D, %0A, or %20 character. network low complexity spip debian canonical CWE-601	6.1