Vulnerabilities > Debian > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11139 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
Improper conditions check in the voltage modulation interface for some Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access.
local
low complexity
debian opensuse intel CWE-754
6.0
2019-11-14 CVE-2019-11135
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
6.5
2019-11-14 CVE-2012-1155 Information Exposure vulnerability in multiple products
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries, even those from groups the user does not belong to.
network
low complexity
moodle fedoraproject redhat debian CWE-200
5.0
2019-11-14 CVE-2011-1588 Use of Externally-Controlled Format String vulnerability in multiple products
Thunar before 1.3.1 could crash when copying and pasting a file name with % format characters due to a format string error.
6.8
2019-11-14 CVE-2011-1145 Classic Buffer Overflow vulnerability in multiple products
The SQLDriverConnect() function in unixODBC before 2.2.14p2 has a possible buffer overflow condition when specifying a large value for the SAVEFILE parameter in the connection string.
local
low complexity
unixodbc debian opensuse redhat CWE-120
4.6
2019-11-14 CVE-2011-1136 Link Following vulnerability in multiple products
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
6.3
2019-11-14 CVE-2011-0544 Cross-site Scripting vulnerability in multiple products
phpbb 3.0.x-3.0.6 has an XSS vulnerability via the [flash] BB tag.
network
phpbb debian CWE-79
4.3
2019-11-13 CVE-2010-5108 Incorrect Default Permissions vulnerability in multiple products
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket.
network
low complexity
edgewall debian CWE-276
5.0
2019-11-13 CVE-2010-4664 Improper Privilege Management vulnerability in multiple products
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found.
network
low complexity
consolekit-project debian redhat CWE-269
6.5
2019-11-13 CVE-2010-4661 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
4.6