High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-03	CVE-2020-5310	Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. network low complexity python canonical fedoraproject CWE-190	8.8
2019-12-31	CVE-2013-4357	Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. network low complexity eglibc novell debian canonical fedoraproject CWE-120	7.5
2019-12-31	CVE-2013-4161	Improper Privilege Management vulnerability in multiple products gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue. local low complexity gksu-polkit-project fedoraproject CWE-269	7.8
2019-12-31	CVE-2019-20176	Resource Exhaustion vulnerability in multiple products In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. network low complexity pureftpd fedoraproject CWE-400	7.5
2019-12-30	CVE-2012-5645	Resource Exhaustion vulnerability in multiple products A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. network low complexity freeciv fedoraproject CWE-400	7.5
2019-12-26	CVE-2012-3462	Improper Authentication vulnerability in Fedoraproject Sssd 1.9.0 A flaw was found in SSSD version 1.9.0. network low complexity fedoraproject CWE-287	8.8
2019-12-26	CVE-2019-16789	HTTP Request Smuggling vulnerability in multiple products In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. network low complexity agendaless oracle debian fedoraproject redhat CWE-444	8.2
2019-12-24	CVE-2019-19956	Memory Leak vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. network low complexity xmlsoft debian oracle fedoraproject canonical netapp siemens CWE-401	7.5
2019-12-23	CVE-2019-11044	In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. network low complexity php tenable fedoraproject	7.5
2019-12-20	CVE-2019-16786	HTTP Request Smuggling vulnerability in multiple products Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. network low complexity agendaless oracle debian fedoraproject redhat CWE-444	7.5