Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19062	Memory Leak vulnerability in multiple products A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. local high complexity linux redhat debian canonical fedoraproject opensuse CWE-401	4.7
2019-11-18	CVE-2019-19056	Memory Leak vulnerability in multiple products A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. local high complexity linux debian canonical fedoraproject opensuse CWE-401	4.7
2019-11-18	CVE-2019-19051	Memory Leak vulnerability in multiple products A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-6f3ef5c25cc7. local low complexity linux debian canonical opensuse CWE-401	5.5
2019-11-15	CVE-2011-2726	Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. network low complexity drupal debian redhat fedoraproject CWE-863	5.0
2019-11-15	CVE-2016-5285	NULL Pointer Dereference vulnerability in multiple products A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. network low complexity mozilla debian redhat suse avaya CWE-476	5.0
2019-11-15	CVE-2014-0021	Remote Denial of Service vulnerability in Chrony cmdmon Protocol Amplification Chrony before 1.29.1 has traffic amplification in cmdmon protocol network low complexity chrony-project debian fedoraproject	5.0
2019-11-15	CVE-2013-7089	Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak network low complexity clamav debian fedoraproject CWE-200	5.0
2019-11-15	CVE-2013-4584	Improper Handling of Exceptional Conditions vulnerability in multiple products Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. network high complexity horms debian CWE-755	5.9
2019-11-14	CVE-2019-18978	Path Traversal vulnerability in multiple products An issue was discovered in the rack-cors (aka Rack CORS Middleware) gem before 1.0.4 for Ruby. network low complexity rack-cors-project debian canonical CWE-22	5.0
2019-11-14	CVE-2018-12207	Improper Input Validation vulnerability in multiple products Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. local low complexity intel debian opensuse fedoraproject canonical f5 redhat oracle CWE-20	6.5