High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-08	CVE-2016-10937	Improper Certificate Validation vulnerability in multiple products IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate. network low complexity imapfilter-project debian fedoraproject opensuse CWE-295	7.5
2019-09-06	CVE-2019-9854	Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. local low complexity libreoffice redhat debian canonical opensuse fedoraproject CWE-22	7.8
2019-09-06	CVE-2019-16056	An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. network low complexity python fedoraproject debian canonical redhat oracle opensuse	7.5
2019-09-03	CVE-2019-14817	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat opensuse fedoraproject debian CWE-863	7.8
2019-09-03	CVE-2019-14811	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat fedoraproject opensuse debian CWE-863	7.8
2019-08-30	CVE-2019-12402	Infinite Loop vulnerability in multiple products The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. network low complexity apache fedoraproject oracle CWE-835	7.5
2019-08-25	CVE-2019-15538	Resource Exhaustion vulnerability in multiple products An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. network low complexity linux canonical netapp opensuse debian fedoraproject CWE-400	7.5
2019-08-20	CVE-2019-10086	Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. network low complexity apache debian opensuse fedoraproject redhat oracle CWE-502	7.3
2019-08-20	CVE-2019-2126	Double Free vulnerability in multiple products In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. network low complexity google fedoraproject canonical opensuse CWE-415	8.8
2019-08-20	CVE-2019-15237	Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. network low complexity roundcube fedoraproject	7.4