Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2914	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). network low complexity oracle canonical fedoraproject netapp	6.5
2019-10-16	CVE-2019-2911	Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). network low complexity oracle canonical fedoraproject netapp	2.7
2019-10-16	CVE-2019-11281	Cross-site Scripting vulnerability in multiple products Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not properly sanitize user input. network low complexity pivotal-software debian fedoraproject redhat CWE-79	4.8
2019-10-14	CVE-2019-17592	Resource Exhaustion vulnerability in multiple products The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. network low complexity csv-parse-project fedoraproject CWE-400	7.5
2019-10-14	CVE-2019-17545	Double Free vulnerability in multiple products GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. network low complexity osgeo oracle debian fedoraproject opensuse CWE-415 critical	9.8
2019-10-10	CVE-2019-17455	Out-of-bounds Read vulnerability in multiple products Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request. network low complexity nongnu debian canonical fedoraproject opensuse CWE-125 critical	9.8
2019-10-07	CVE-2019-17042	Improper Input Validation vulnerability in multiple products An issue was discovered in Rsyslog v8.1908.0. network low complexity rsyslog fedoraproject debian opensuse CWE-20 critical	9.8
2019-10-07	CVE-2019-17041	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Rsyslog v8.1908.0. network low complexity rsyslog debian fedoraproject opensuse CWE-787 critical	9.8
2019-10-04	CVE-2019-16865	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in Pillow before 6.2.0. network low complexity python fedoraproject CWE-770	7.5
2019-10-03	CVE-2019-15165	Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. network low complexity tcpdump debian opensuse oracle apple canonical fedoraproject CWE-770	5.3