Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-14	CVE-2012-1168	Improper Input Validation vulnerability in multiple products Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. network low complexity moodle fedoraproject redhat CWE-20	6.4
2019-11-14	CVE-2012-1156	Information Exposure Through Log Files vulnerability in multiple products Moodle before 2.2.2 has users' private files included in course backups network low complexity moodle fedoraproject redhat CWE-532	5.0
2019-11-14	CVE-2012-1155	Information Exposure vulnerability in multiple products Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to network low complexity moodle fedoraproject redhat debian CWE-200	5.0
2019-11-13	CVE-2010-4661	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. local low complexity udisks-project debian fedoraproject opensuse redhat CWE-434	4.6
2019-11-12	CVE-2010-3439	Improper Input Validation vulnerability in multiple products It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. network low complexity cor-entertainment debian fedoraproject CWE-20	4.0
2019-11-11	CVE-2019-18849	Out-of-bounds Read vulnerability in multiple products In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup. local low complexity tnef-project fedoraproject canonical debian CWE-125	5.5
2019-11-08	CVE-2013-1820	Improper Input Validation vulnerability in multiple products tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. local redhat fedoraproject CWE-20	4.7
2019-11-07	CVE-2012-0049	Resource Exhaustion vulnerability in multiple products OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. network low complexity openttd debian fedoraproject CWE-400	4.0
2019-11-07	CVE-2019-18811	Memory Leak vulnerability in multiple products A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. local low complexity linux fedoraproject redhat CWE-401	5.5
2019-11-07	CVE-2019-18809	Memory Leak vulnerability in multiple products A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559. low complexity linux debian canonical fedoraproject opensuse CWE-401	4.6