Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-16	CVE-2019-19783	Improper Privilege Management vulnerability in multiple products An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. network low complexity cyrus debian fedoraproject canonical CWE-269	6.5
2019-12-15	CVE-2019-19797	Out-of-bounds Write vulnerability in multiple products read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. local low complexity xfig-project fedoraproject debian CWE-787	5.5
2019-12-13	CVE-2019-19722	NULL Pointer Dereference vulnerability in multiple products In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. network low complexity dovecot fedoraproject CWE-476	5.3
2019-12-13	CVE-2019-16777	Improper Privilege Management vulnerability in multiple products Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. network low complexity npmjs opensuse oracle fedoraproject redhat CWE-269	6.5
2019-12-13	CVE-2019-16775	UNIX Symbolic Link (Symlink) Following vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. network low complexity redhat npmjs opensuse oracle fedoraproject CWE-61	6.5
2019-12-12	CVE-2019-19769	Use After Free vulnerability in multiple products In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h). local low complexity linux fedoraproject CWE-416	6.7
2019-12-12	CVE-2019-19746	Integer Overflow or Wraparound vulnerability in multiple products make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. local low complexity fig2dev-project fedoraproject CWE-190	5.5
2019-12-11	CVE-2019-19582	Infinite Loop vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. local low complexity xen fedoraproject CWE-835	6.5
2019-12-11	CVE-2019-19581	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. local low complexity xen fedoraproject CWE-119	6.5
2019-12-11	CVE-2019-19580	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. network high complexity xen fedoraproject CWE-362	6.6