Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-19	CVE-2019-3812	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. local low complexity qemu fedoraproject canonical opensuse CWE-119	5.5
2019-02-18	CVE-2019-8912	Use After Free vulnerability in multiple products In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. local low complexity linux redhat canonical opensuse CWE-416	7.2
2019-02-18	CVE-2019-8907	Out-of-bounds Write vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact. network file-project debian opensuse canonical CWE-787	6.8
2019-02-18	CVE-2019-8906	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. local low complexity file-project canonical opensuse apple CWE-125	3.6
2019-02-18	CVE-2019-8905	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. local low complexity debian file-project canonical opensuse CWE-125	3.6
2019-02-15	CVE-2019-8341	Code Injection vulnerability in multiple products An issue was discovered in Jinja2 2.10. network low complexity pocoo opensuse CWE-94 critical	9.8
2019-02-11	CVE-2019-5736	OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78	8.6
2019-02-09	CVE-2019-7665	Out-of-bounds Read vulnerability in multiple products In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. network elfutils-project debian canonical opensuse redhat CWE-125	4.3
2019-02-09	CVE-2019-7663	An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. network libtiff debian canonical opensuse	4.3
2019-02-08	CVE-2019-7638	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8