Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-07	CVE-2019-7574	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7573	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7572	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. network low complexity libsdl debian opensuse canonical fedoraproject CWE-125	8.8
2019-02-06	CVE-2019-7548	SQL Injection vulnerability in multiple products SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. local low complexity sqlalchemy debian opensuse redhat oracle CWE-89	7.8
2019-02-06	CVE-2019-3820	Improper Authentication vulnerability in multiple products It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. low complexity gnome opensuse canonical CWE-287	4.3
2019-02-05	CVE-2018-18506	When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. network high complexity mozilla canonical debian redhat opensuse	5.9
2019-02-05	CVE-2018-8800	Out-of-bounds Write vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution. network low complexity rdesktop debian opensuse CWE-787 critical	9.8
2019-02-05	CVE-2018-8797	Out-of-bounds Write vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. network low complexity rdesktop debian opensuse CWE-787 critical	9.8
2019-02-05	CVE-2018-8795	Integer Overflow or Wraparound vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution. network low complexity rdesktop debian opensuse CWE-190 critical	9.8
2019-02-05	CVE-2018-8794	Integer Overflow or Wraparound vulnerability in multiple products rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution. network low complexity rdesktop debian opensuse CWE-190 critical	9.8