High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-04	CVE-2019-13282	Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. local low complexity glyphandcog fedoraproject CWE-125	7.8
2019-07-04	CVE-2019-13281	Out-of-bounds Write vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. local low complexity glyphandcog fedoraproject CWE-787	7.8
2019-07-04	CVE-2019-13226	Link Following vulnerability in multiple products deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. local high complexity deepin fedoraproject CWE-59	7.0
2019-06-29	CVE-2019-13050	Improper Certificate Validation vulnerability in multiple products Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. network low complexity gnupg sks-keyserver-project fedoraproject opensuse f5 CWE-295	7.5
2019-06-27	CVE-2019-5836	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2019-06-27	CVE-2019-5831	Out-of-bounds Write vulnerability in multiple products Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2019-06-27	CVE-2019-5829	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-190	8.8
2019-06-27	CVE-2019-5828	Use After Free vulnerability in multiple products Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-416	8.8
2019-06-27	CVE-2019-5827	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-06-27	CVE-2019-5824	Out-of-bounds Write vulnerability in multiple products Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8