High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-23	CVE-2019-11287	Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. network low complexity pivotal-software vmware fedoraproject redhat debian CWE-134	7.5
2019-11-21	CVE-2019-18888	Argument Injection or Modification vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. network low complexity sensiolabs fedoraproject CWE-88	7.5
2019-11-21	CVE-2019-18887	Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. network high complexity sensiolabs fedoraproject CWE-203	8.1
2019-11-21	CVE-2019-19204	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. network low complexity oniguruma-project debian fedoraproject CWE-125	7.5
2019-11-21	CVE-2019-19203	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. network low complexity oniguruma-project fedoraproject CWE-125	7.5
2019-11-21	CVE-2012-4524	Improper Input Validation vulnerability in multiple products xlockmore before 5.43 'dclock' security bypass vulnerability network low complexity sillycycle fedoraproject CWE-20	7.5
2019-11-20	CVE-2013-1817	Information Exposure vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. network low complexity mediawiki debian redhat fedoraproject CWE-200	7.5
2019-11-20	CVE-2013-1816	Improper Input Validation vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. network low complexity mediawiki debian redhat fedoraproject CWE-20	7.5
2019-11-19	CVE-2019-18934	OS Command Injection vulnerability in multiple products Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. network low complexity nlnetlabs fedoraproject opensuse CWE-78	7.3
2019-11-18	CVE-2019-19070	Memory Leak vulnerability in multiple products A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. network low complexity linux fedoraproject CWE-401	7.5