15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-14	CVE-2019-9770	Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. network low complexity gnu opensuse CWE-787	5.0
2019-03-13	CVE-2019-9752	Cross-site Scripting vulnerability in multiple products An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. network otrs opensuse CWE-79	3.5
2019-03-09	CVE-2019-9641	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp CWE-908	7.5
2019-03-09	CVE-2019-9640	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php canonical debian opensuse netapp redhat CWE-125	5.0
2019-03-09	CVE-2019-9639	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-909	5.0
2019-03-09	CVE-2019-9638	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-125	5.0
2019-03-08	CVE-2019-9636	Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. network low complexity python fedoraproject opensuse debian canonical redhat oracle critical	9.8
2019-02-28	CVE-2019-9215	In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function. network low complexity live555 opensuse debian	7.5
2019-02-28	CVE-2019-9209	Off-by-one Error vulnerability in multiple products In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. local low complexity wireshark debian canonical opensuse CWE-193	5.5
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9