Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-26	CVE-2011-3374	Improper Verification of Cryptographic Signature vulnerability in Debian Advanced Package Tool and Debian Linux It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack. network debian CWE-347	4.3
2019-11-25	CVE-2015-1396	Path Traversal vulnerability in multiple products A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. network low complexity gnu debian CWE-22	6.4
2019-11-25	CVE-2012-5644	Information Exposure vulnerability in multiple products libuser has information disclosure when moving user's home directory local low complexity libuser-project debian fedoraproject redhat CWE-200	4.9
2019-11-22	CVE-2014-6311	Use of Insufficiently Random Values vulnerability in multiple products generate_doygen.pl in ace before 6.2.7+dfsg-2 creates predictable file names in the /tmp directory which allows attackers to gain elevated privileges. network low complexity vanderbilt debian CWE-330	5.0
2019-11-22	CVE-2019-18976	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through 13.x and Certified Asterisk through 13.21-x. network low complexity digium debian CWE-476	5.0
2019-11-22	CVE-2019-18790	Missing Authorization vulnerability in multiple products An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. network digium debian CWE-862	5.8
2019-11-22	CVE-2012-0812	Cross-site Scripting vulnerability in multiple products PostfixAdmin 2.3.4 has multiple XSS vulnerabilities network postfix-admin-project debian CWE-79	4.3
2019-11-22	CVE-2015-5694	Infinite Loop vulnerability in multiple products Designate does not enforce the DNS protocol limit concerning record set sizes network low complexity openstack redhat debian CWE-835	4.0
2019-11-22	CVE-2019-10206	Insufficiently Protected Credentials vulnerability in multiple products ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt passwords by expanding them from templates as they could contain special characters. network low complexity redhat debian opensuse CWE-522	6.5
2019-11-21	CVE-2019-19221	Out-of-bounds Read vulnerability in multiple products In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. local low complexity libarchive debian fedoraproject canonical CWE-125	5.5