High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-17	CVE-2019-14835	A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. local low complexity linux canonical debian fedoraproject opensuse netapp redhat huawei	7.8
2019-08-30	CVE-2019-5612	Race Condition vulnerability in multiple products In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. network low complexity freebsd netapp CWE-362	7.5
2019-08-30	CVE-2019-5611	Improper Input Validation vulnerability in multiple products In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. network low complexity freebsd netapp CWE-20	7.5
2019-08-30	CVE-2019-5610	Out-of-bounds Read vulnerability in multiple products In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. network low complexity freebsd netapp CWE-125	7.5
2019-08-25	CVE-2019-15538	Resource Exhaustion vulnerability in multiple products An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. network low complexity linux canonical netapp opensuse debian fedoraproject CWE-400	7.5
2019-08-13	CVE-2019-9517	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee netapp nodejs CWE-770	7.5
2019-08-13	CVE-2019-9514	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. network low complexity apple apache debian canonical synology fedoraproject opensuse redhat oracle mcafee netapp f5 nodejs CWE-770	7.5
2019-08-09	CVE-2019-12258	Session Fixation vulnerability in multiple products Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. network low complexity windriver sonicwall siemens netapp belden CWE-384	7.5
2019-08-09	CVE-2019-12263	Out-of-bounds Write vulnerability in multiple products Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). network high complexity windriver sonicwall siemens netapp belden CWE-787	8.1
2019-08-09	CVE-2019-12257	Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP client component. low complexity windriver sonicwall siemens netapp belden CWE-120	8.8