Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-27	CVE-2019-5419	Allocation of Resources Without Limits or Throttling vulnerability in multiple products There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive. network low complexity rubyonrails debian redhat opensuse fedoraproject CWE-770	7.5
2019-03-27	CVE-2019-5418	There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed. network low complexity rubyonrails debian redhat opensuse fedoraproject	7.5
2019-03-27	CVE-2019-3840	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. network high complexity redhat opensuse CWE-476	6.3
2019-03-27	CVE-2019-3814	Improper Certificate Validation vulnerability in multiple products It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. network high complexity dovecot canonical opensuse CWE-295	6.8
2019-03-25	CVE-2019-3861	Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. network low complexity libssh2 debian netapp opensuse CWE-125 critical	9.1
2019-03-25	CVE-2019-3860	Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. network low complexity libssh2 debian netapp opensuse CWE-125 critical	9.1
2019-03-25	CVE-2019-3857	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8
2019-03-25	CVE-2019-3856	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. network low complexity libssh2 debian netapp opensuse redhat fedoraproject oracle CWE-190	8.8
2019-03-25	CVE-2019-3838	It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. local low complexity artifex redhat fedoraproject opensuse debian	5.5
2019-03-25	CVE-2019-3835	Missing Authorization vulnerability in multiple products It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. local low complexity artifex redhat fedoraproject debian opensuse CWE-862	5.5