15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-13	CVE-2019-9511	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. network low complexity apple apache canonical debian synology fedoraproject opensuse redhat oracle mcafee f5 nodejs CWE-770	7.5
2019-08-12	CVE-2019-14981	Divide By Zero vulnerability in multiple products In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is a divide-by-zero vulnerability in the MeanShiftImage function. network low complexity imagemagick debian canonical opensuse CWE-369	6.5
2019-08-12	CVE-2019-14980	Use After Free vulnerability in multiple products In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is a use after free vulnerability in the UnmapBlob function that allows an attacker to cause a denial of service by sending a crafted file. network low complexity imagemagick opensuse CWE-416	6.5
2019-08-09	CVE-2019-11042	Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. network low complexity php debian canonical apple opensuse redhat tenable CWE-125	7.1
2019-08-09	CVE-2019-11041	Out-of-bounds Read vulnerability in multiple products When PHP EXIF extension is parsing EXIF information from an image, e.g. network low complexity php debian canonical apple opensuse redhat tenable CWE-125	7.1
2019-08-09	CVE-2019-14806	Insufficient Entropy vulnerability in multiple products Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. network low complexity palletsprojects opensuse CWE-331	7.5
2019-08-06	CVE-2019-13106	Out-of-bounds Write vulnerability in multiple products Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. local low complexity denx opensuse CWE-787	7.8
2019-08-06	CVE-2019-13104	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. local low complexity denx opensuse CWE-191	7.8
2019-08-02	CVE-2019-14524	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Schism Tracker through 20190722. local low complexity schismtracker opensuse CWE-787	7.8
2019-07-31	CVE-2019-10185	It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. network low complexity icedtea-web-project debian opensuse	8.6