Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-27	CVE-2019-5810	Cleartext Storage of Sensitive Information vulnerability in multiple products Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-312	6.5
2019-06-27	CVE-2019-5805	Use After Free vulnerability in multiple products Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google opensuse debian fedoraproject CWE-416	6.5
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2
2019-06-11	CVE-2019-0220	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. network low complexity apache opensuse debian fedoraproject canonical CWE-706	5.3
2019-06-10	CVE-2019-12387	Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. network low complexity twisted fedoraproject canonical oracle CWE-74	6.1
2019-06-03	CVE-2019-12614	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. local high complexity linux redhat canonical opensuse fedoraproject CWE-476	4.1
2019-05-30	CVE-2019-11091	Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local high complexity intel fedoraproject	5.6
2019-05-30	CVE-2018-12130	Information Exposure vulnerability in multiple products Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local high complexity intel fedoraproject CWE-200	5.6
2019-05-30	CVE-2018-12127	Information Exposure vulnerability in multiple products Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local high complexity intel fedoraproject CWE-200	5.6