Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-10	CVE-2019-11884	The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. local low complexity linux fedoraproject debian canonical redhat opensuse	3.3
2019-05-08	CVE-2019-11494	NULL Pointer Dereference vulnerability in multiple products In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command. network low complexity dovecot fedoraproject opensuse CWE-476	7.5
2019-05-08	CVE-2019-5021	Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. network low complexity gliderlabs opensuse f5 critical	9.8
2019-05-08	CVE-2019-11499	In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. network low complexity dovecot fedoraproject opensuse	7.5
2019-05-08	CVE-2019-11815	Use After Free vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. network high complexity linux canonical debian opensuse netapp CWE-416	8.1
2019-05-07	CVE-2019-7443	Improper Input Validation vulnerability in multiple products KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. network high complexity kde opensuse fedoraproject CWE-20	8.1
2019-05-07	CVE-2018-19456	Information Exposure vulnerability in multiple products The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. network low complexity wplaunchpad opensuse CWE-200	7.5
2019-05-07	CVE-2019-11811	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.4. local high complexity linux redhat opensuse CWE-416	7.0
2019-05-07	CVE-2018-20836	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.20. network high complexity linux canonical debian f5 netapp opensuse CWE-416	8.1
2019-05-03	CVE-2019-11036	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. network low complexity php fedoraproject redhat canonical debian opensuse CWE-125 critical	9.1