Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-24	CVE-2019-16746	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. network low complexity linux debian canonical fedoraproject opensuse CWE-120 critical	9.8
2019-09-17	CVE-2019-16378	Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. network low complexity trusteddomain debian fedoraproject canonical CWE-290 critical	9.8
2019-09-17	CVE-2019-16239	Classic Buffer Overflow vulnerability in multiple products process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. network low complexity infradead fedoraproject debian canonical opensuse CWE-120 critical	9.8
2019-09-16	CVE-2019-5482	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. network low complexity haxx fedoraproject opensuse netapp oracle debian CWE-787 critical	9.8
2019-09-16	CVE-2019-5481	Double Free vulnerability in multiple products Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. network low complexity haxx fedoraproject netapp oracle debian opensuse CWE-415 critical	9.8
2019-09-15	CVE-2019-16335	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml fedoraproject debian netapp redhat oracle CWE-502 critical	9.8
2019-09-15	CVE-2019-14540	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml netapp fedoraproject debian redhat oracle CWE-502 critical	9.8
2019-09-06	CVE-2019-14813	Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex redhat fedoraproject opensuse debian CWE-863 critical	9.8
2019-08-29	CVE-2019-11500	Out-of-bounds Write vulnerability in multiple products In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. network low complexity dovecot debian fedoraproject CWE-787 critical	9.8
2019-08-23	CVE-2019-10746	Argument Injection or Modification vulnerability in multiple products mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. network low complexity mixin-deep-project fedoraproject oracle CWE-88 critical	9.8