Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-18	CVE-2019-15144	Uncontrolled Recursion vulnerability in multiple products In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. local low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-674	5.5
2019-08-18	CVE-2019-15143	Infinite Loop vulnerability in multiple products In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp. local low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-835	5.5
2019-08-18	CVE-2019-15142	Out-of-bounds Read vulnerability in multiple products In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. local low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-125	5.5
2019-08-15	CVE-2019-13377	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. network high complexity w1-fi fedoraproject canonical debian CWE-203	5.9
2019-08-14	CVE-2019-14973	Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. network low complexity libtiff debian fedoraproject opensuse CWE-190	6.5
2019-08-13	CVE-2019-9516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs CWE-770	6.5
2019-08-05	CVE-2019-14664	Cleartext Transmission of Sensitive Information vulnerability in multiple products In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. network low complexity enigmail fedoraproject CWE-319	6.5
2019-07-31	CVE-2019-14464	Out-of-bounds Write vulnerability in multiple products XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. local low complexity milkytracker-project canonical debian fedoraproject CWE-787	5.5
2019-07-29	CVE-2019-1020014	Double Free vulnerability in multiple products docker-credential-helpers before 0.6.3 has a double free in the List functions. local low complexity docker fedoraproject canonical CWE-415	5.5
2019-07-23	CVE-2019-2805	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). network low complexity oracle mariadb canonical redhat fedoraproject opensuse	6.5