High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19064	Memory Leak vulnerability in multiple products A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. network low complexity linux fedoraproject CWE-401	7.5
2019-11-18	CVE-2019-19050	Memory Leak vulnerability in multiple products A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. network low complexity linux fedoraproject canonical netapp broadcom CWE-401	7.5
2019-11-15	CVE-2011-2726	Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. network low complexity drupal debian redhat fedoraproject CWE-863	7.5
2019-11-15	CVE-2014-0021	Chrony before 1.29.1 has traffic amplification in cmdmon protocol network low complexity chrony-project debian fedoraproject	7.5
2019-11-15	CVE-2013-7089	Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak network low complexity clamav debian fedoraproject CWE-200	7.5
2019-11-15	CVE-2019-14869	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex fedoraproject opensuse CWE-732	8.8
2019-11-14	CVE-2019-14818	Memory Leak vulnerability in multiple products A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. network low complexity dpdk redhat fedoraproject CWE-401	7.5
2019-11-14	CVE-2012-1170	Improper Validation of Integrity Check Value vulnerability in multiple products Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough network low complexity moodle fedoraproject CWE-354	7.5
2019-11-14	CVE-2012-1168	Improper Input Validation vulnerability in multiple products Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. network low complexity moodle fedoraproject redhat CWE-20	8.2
2019-11-14	CVE-2012-1156	Information Exposure Through Log Files vulnerability in multiple products Moodle before 2.2.2 has users' private files included in course backups network low complexity moodle fedoraproject redhat CWE-532	7.5