Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-22	CVE-2019-9959	Integer Overflow or Wraparound vulnerability in multiple products The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. network low complexity freedesktop debian fedoraproject redhat CWE-190	6.5
2019-07-18	CVE-2019-1010065	Integer Overflow or Wraparound vulnerability in multiple products The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. network low complexity sleuthkit fedoraproject debian CWE-190	6.5
2019-07-17	CVE-2019-13626	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. network low complexity libsdl fedoraproject debian opensuse CWE-125	6.5
2019-07-17	CVE-2019-9849	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice canonical fedoraproject debian opensuse	4.3
2019-07-15	CVE-2019-1010302	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products jhead 3.03 is affected by: Incorrect Access Control. local low complexity jhead-project fedoraproject debian CWE-119	5.5
2019-07-15	CVE-2019-1010301	Out-of-bounds Write vulnerability in multiple products jhead 3.03 is affected by: Buffer Overflow. local low complexity jhead-project fedoraproject debian CWE-787	5.5
2019-07-15	CVE-2019-1010305	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libmspack 0.9.1alpha is affected by: Buffer Overflow. local low complexity kyzer fedoraproject debian canonical CWE-119	5.5
2019-07-11	CVE-2019-1010319	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010317	Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. local low complexity wavpack fedoraproject canonical debian CWE-908	5.5
2019-07-11	CVE-2019-1010315	Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. local low complexity wavpack fedoraproject debian canonical CWE-369	5.5