Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-27	CVE-2019-20010	Use After Free vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. network gnu opensuse CWE-416	6.8
2019-12-27	CVE-2019-20009	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GNU LibreDWG before 0.93. network gnu opensuse CWE-770	4.3
2019-12-24	CVE-2019-19925	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-434	5.0
2019-12-24	CVE-2019-19923	NULL Pointer Dereference vulnerability in multiple products flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-476	5.0
2019-12-23	CVE-2019-19926	NULL Pointer Dereference vulnerability in multiple products multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. network low complexity sqlite siemens oracle debian redhat opensuse suse netapp CWE-476	5.0
2019-12-18	CVE-2019-19880	NULL Pointer Dereference vulnerability in multiple products exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. network low complexity sqlite netapp debian suse redhat opensuse oracle siemens CWE-476	5.0
2019-12-16	CVE-2019-16779	Race Condition vulnerability in multiple products In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. network excon-project opensuse debian CWE-362	4.3
2019-12-10	CVE-2019-13745	Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. network low complexity google debian suse opensuse fedoraproject redhat	6.5
2019-12-03	CVE-2019-5164	Missing Authentication for Critical Function vulnerability in multiple products An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. local low complexity shadowsocks opensuse CWE-306	4.6
2019-11-26	CVE-2019-14856	Improper Authentication vulnerability in multiple products ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None network low complexity redhat opensuse CWE-287	4.0