High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-21	CVE-2019-19886	Improper Resource Shutdown or Release vulnerability in multiple products Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transaction.cc. network low complexity trustwave fedoraproject CWE-404	7.5
2020-01-16	CVE-2020-7105	NULL Pointer Dereference vulnerability in multiple products async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked. network low complexity redislabs debian fedoraproject CWE-476	7.5
2020-01-16	CVE-2020-7044	Off-by-one Error vulnerability in multiple products In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. network low complexity wireshark fedoraproject opensuse oracle CWE-193	7.5
2020-01-13	CVE-2020-6860	Out-of-bounds Write vulnerability in multiple products libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. network low complexity symonics fedoraproject CWE-787	8.8
2020-01-13	CVE-2020-6851	Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. network low complexity uclouvain fedoraproject debian redhat oracle CWE-787	7.5
2020-01-10	CVE-2020-6377	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject redhat debian CWE-416	8.8
2020-01-10	CVE-2019-13767	Use After Free vulnerability in multiple products Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-416	8.8
2020-01-05	CVE-2019-19911	Integer Overflow or Wraparound vulnerability in multiple products There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. network low complexity python debian fedoraproject canonical CWE-190	7.5
2020-01-03	CVE-2020-5395	Use After Free vulnerability in multiple products FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. network low complexity fontforge fedoraproject opensuse CWE-416	8.8
2020-01-03	CVE-2020-5313	Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. network low complexity python debian canonical fedoraproject CWE-125	7.1