High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-09	CVE-2019-10896	Out-of-bounds Write vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. network low complexity wireshark fedoraproject opensuse debian canonical CWE-787	7.5
2019-04-09	CVE-2019-10895	Out-of-bounds Read vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. network low complexity wireshark fedoraproject debian canonical opensuse CWE-125	7.5
2019-04-09	CVE-2019-10894	Reachable Assertion vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. network low complexity wireshark fedoraproject debian canonical opensuse CWE-617	7.5
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse netapp redhat oracle CWE-416	7.8
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5
2019-04-08	CVE-2019-0215	In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. network high complexity apache fedoraproject	7.5
2019-04-07	CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. network low complexity palletsprojects fedoraproject canonical redhat opensuse	8.6
2019-04-01	CVE-2019-3836	Access of Uninitialized Pointer vulnerability in multiple products It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages. network low complexity gnu fedoraproject opensuse CWE-824	7.5
2019-03-27	CVE-2018-12545	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. network low complexity eclipse fedoraproject CWE-770	7.5
2019-03-27	CVE-2019-3829	Use After Free vulnerability in multiple products A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. network low complexity gnu fedoraproject CWE-416	7.5