Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-30	CVE-2019-8457	Out-of-bounds Read vulnerability in multiple products SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. network low complexity sqlite canonical opensuse fedoraproject CWE-125 critical	9.8
2019-05-29	CVE-2019-12450	Incorrect Default Permissions vulnerability in multiple products file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. network low complexity gnome debian redhat canonical opensuse fedoraproject CWE-276 critical	9.8
2019-05-29	CVE-2019-12449	Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject CWE-755	5.7
2019-05-29	CVE-2019-12447	An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject	7.3
2019-05-28	CVE-2019-5436	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. local low complexity haxx opensuse fedoraproject debian f5 netapp oracle CWE-787	7.8
2019-05-23	CVE-2019-5804	Argument Injection or Modification vulnerability in multiple products Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. local low complexity google opensuse CWE-88	5.5
2019-05-23	CVE-2019-5803	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5802	Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse	6.5
2019-05-23	CVE-2019-5801	Improper Input Validation vulnerability in multiple products Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5800	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5