Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-30	CVE-2018-12127	Information Exposure vulnerability in multiple products Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local high complexity intel fedoraproject CWE-200	5.6
2019-05-30	CVE-2018-12126	Information Exposure vulnerability in multiple products Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local high complexity intel fedoraproject CWE-200	5.6
2019-05-29	CVE-2019-12449	Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject CWE-755	5.7
2019-05-20	CVE-2019-12221	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject canonical opensuse debian CWE-787	6.5
2019-05-20	CVE-2019-12216	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject debian canonical CWE-787	6.5
2019-05-20	CVE-2019-12213	Uncontrolled Recursion vulnerability in multiple products When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. network low complexity freeimage-project canonical debian fedoraproject CWE-674	6.5
2019-05-15	CVE-2019-11833	Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. local low complexity linux fedoraproject debian canonical redhat CWE-908	5.5
2019-04-24	CVE-2019-3882	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. local low complexity linux fedoraproject debian canonical opensuse netapp CWE-770	5.5
2019-04-24	CVE-2019-11498	Access of Uninitialized Pointer vulnerability in multiple products WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. network low complexity wavpack canonical fedoraproject debian CWE-824	6.5
2019-04-23	CVE-2019-2620	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle fedoraproject redhat	4.9