Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-06	CVE-2019-7548	SQL Injection vulnerability in multiple products SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. network sqlalchemy debian opensuse redhat oracle CWE-89	6.8
2019-02-06	CVE-2019-3820	Improper Authentication vulnerability in multiple products It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. local low complexity gnome opensuse canonical CWE-287	4.6
2019-02-05	CVE-2018-18506	When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. network high complexity mozilla canonical debian redhat opensuse	5.9
2019-02-05	CVE-2019-7398	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. network low complexity imagemagick opensuse debian canonical CWE-401	5.0
2019-02-05	CVE-2019-7397	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. network low complexity imagemagick graphicsmagick opensuse debian canonical CWE-401	5.0
2019-02-05	CVE-2019-7396	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. network low complexity imagemagick opensuse debian canonical CWE-401	5.0
2019-02-05	CVE-2019-7395	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. network low complexity imagemagick opensuse debian canonical CWE-401	5.0
2019-02-04	CVE-2019-1000020	Infinite Loop vulnerability in multiple products libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. network low complexity libarchive canonical debian redhat opensuse fedoraproject CWE-835	6.5
2019-02-04	CVE-2019-1000019	Out-of-bounds Read vulnerability in multiple products libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). network low complexity libarchive debian canonical redhat opensuse fedoraproject CWE-125	6.5
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	2.6