Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-30	CVE-2019-11627	OS Command Injection vulnerability in multiple products gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. network low complexity signing-party-project debian opensuse CWE-78 critical	9.8
2019-04-30	CVE-2019-10131	Off-by-one Error vulnerability in multiple products An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. local low complexity imagemagick redhat debian canonical opensuse CWE-193	7.1
2019-04-24	CVE-2019-11506	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. network low complexity graphicsmagick debian canonical opensuse CWE-787	8.8
2019-04-24	CVE-2019-11505	Out-of-bounds Write vulnerability in multiple products In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. network low complexity graphicsmagick debian canonical opensuse CWE-787	8.8
2019-04-24	CVE-2019-10691	The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username. network low complexity dovecot opensuse	7.5
2019-04-24	CVE-2019-3882	A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. local low complexity linux fedoraproject debian canonical opensuse netapp	5.5
2019-04-23	CVE-2019-11486	Race Condition vulnerability in multiple products The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions. local high complexity linux debian opensuse netapp CWE-362	7.0
2019-04-23	CVE-2019-2698	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network high complexity oracle redhat debian opensuse canonical hp	8.1
2019-04-23	CVE-2019-2684	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network high complexity oracle redhat opensuse debian apache canonical hp	5.9
2019-04-23	CVE-2019-2628	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb opensuse redhat	4.9