Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-27	CVE-2019-20011	Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. network low complexity gnu opensuse CWE-125	8.8
2019-12-27	CVE-2019-20010	Use After Free vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. network low complexity gnu opensuse CWE-416	8.8
2019-12-27	CVE-2019-20009	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GNU LibreDWG before 0.93. network low complexity gnu opensuse CWE-770	6.5
2019-12-26	CVE-2019-15695	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. network low complexity tigervnc opensuse CWE-754	7.2
2019-12-26	CVE-2019-15694	Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. network low complexity tigervnc opensuse CWE-787	7.2
2019-12-26	CVE-2019-15692	Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. network low complexity tigervnc opensuse CWE-787	7.2
2019-12-26	CVE-2019-15691	Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. network low complexity tigervnc opensuse CWE-672	7.2
2019-12-25	CVE-2019-19966	Use After Free vulnerability in multiple products In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. low complexity linux debian opensuse netapp CWE-416	4.6
2019-12-25	CVE-2019-19965	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. local high complexity linux debian canonical netapp opensuse CWE-476	4.7
2019-12-24	CVE-2019-19925	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-434	7.5