15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-03	CVE-2019-11036	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. network low complexity php fedoraproject redhat canonical debian opensuse CWE-125 critical	9.1
2019-04-30	CVE-2019-11627	OS Command Injection vulnerability in multiple products gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. network low complexity signing-party-project debian opensuse CWE-78 critical	9.8
2019-04-24	CVE-2019-11506	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. network low complexity graphicsmagick debian canonical opensuse CWE-787	8.8
2019-04-24	CVE-2019-11505	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. network low complexity graphicsmagick debian canonical opensuse CWE-787	8.8
2019-04-24	CVE-2019-10691	The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username. network low complexity dovecot opensuse	7.5
2019-04-24	CVE-2019-3882	A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. local low complexity linux fedoraproject debian canonical opensuse netapp	5.5
2019-04-23	CVE-2019-2698	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network high complexity oracle redhat debian opensuse canonical hp	8.1
2019-04-23	CVE-2019-2684	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network high complexity oracle redhat opensuse debian apache canonical hp	5.9
2019-04-23	CVE-2019-2628	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb opensuse redhat	4.9
2019-04-23	CVE-2019-2627	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle canonical mariadb opensuse redhat	4.9