High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-11	CVE-2019-12527	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 4.0.23 through 4.7. network low complexity squid-cache fedoraproject debian canonical redhat CWE-787	8.8
2019-07-05	CVE-2019-13313	Information Exposure vulnerability in multiple products libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. local low complexity libosinfo fedoraproject redhat CWE-200	7.8
2019-07-04	CVE-2019-13283	Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. local low complexity glyphandcog fedoraproject CWE-125	7.8
2019-07-04	CVE-2019-13282	Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. local low complexity glyphandcog fedoraproject CWE-125	7.8
2019-07-04	CVE-2019-13281	Out-of-bounds Write vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. local low complexity glyphandcog fedoraproject CWE-787	7.8
2019-07-04	CVE-2019-13226	Link Following vulnerability in multiple products deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. local high complexity deepin fedoraproject CWE-59	7.0
2019-06-29	CVE-2019-13050	Improper Certificate Validation vulnerability in multiple products Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. network low complexity gnupg sks-keyserver-project fedoraproject opensuse f5 CWE-295	7.5
2019-06-27	CVE-2019-5836	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2019-06-27	CVE-2019-5831	Out-of-bounds Write vulnerability in multiple products Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2019-06-27	CVE-2019-5829	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-190	8.8