15.2

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-20	CVE-2019-19917	Classic Buffer Overflow vulnerability in multiple products Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. local low complexity lout-project opensuse fedoraproject CWE-120	7.8
2019-11-30	CVE-2019-19462	NULL Pointer Dereference vulnerability in multiple products relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. local low complexity linux netapp canonical opensuse debian CWE-476	5.5
2019-11-19	CVE-2019-18934	OS Command Injection vulnerability in multiple products Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. network low complexity nlnetlabs fedoraproject opensuse CWE-78	7.3
2019-10-10	CVE-2019-17451	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. network low complexity gnu opensuse canonical CWE-190	6.5
2019-10-10	CVE-2019-17450	Uncontrolled Recursion vulnerability in multiple products find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. network low complexity gnu opensuse canonical CWE-674	6.5
2019-08-14	CVE-2019-14973	Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. network low complexity libtiff debian fedoraproject opensuse CWE-190	6.5
2019-07-30	CVE-2019-14444	Integer Overflow or Wraparound vulnerability in multiple products apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. local low complexity gnu opensuse canonical netapp CWE-190	5.5
2019-07-26	CVE-2019-14275	Out-of-bounds Write vulnerability in multiple products Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. local low complexity xfig-project debian opensuse CWE-787	5.5
2019-07-24	CVE-2019-14250	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. local low complexity gnu canonical opensuse CWE-190	5.5
2019-06-26	CVE-2019-12972	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. local low complexity gnu opensuse canonical CWE-125	5.5