Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-29	CVE-2019-14895	A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux debian canonical fedoraproject opensuse critical	9.8
2019-11-28	CVE-2019-19318	Use After Free vulnerability in multiple products In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, local low complexity linux opensuse canonical debian netapp CWE-416	4.4
2019-11-27	CVE-2019-19319	Use After Free vulnerability in multiple products In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30. local low complexity linux redhat opensuse CWE-416	6.5
2019-11-27	CVE-2019-18660	Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. local high complexity linux redhat canonical fedoraproject opensuse CWE-200	4.7
2019-11-26	CVE-2019-16255	Code Injection vulnerability in multiple products Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. network high complexity ruby-lang debian opensuse oracle CWE-94	8.1
2019-11-26	CVE-2019-12526	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid before 4.9. network low complexity squid-cache canonical fedoraproject opensuse debian CWE-787 critical	9.8
2019-11-26	CVE-2019-12523	An issue was discovered in Squid before 4.9. network low complexity squid-cache canonical fedoraproject opensuse debian critical	9.1
2019-11-26	CVE-2019-14856	Improper Authentication vulnerability in multiple products ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None network low complexity redhat opensuse CWE-287	6.5
2019-11-25	CVE-2019-13720	Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse CWE-416	8.8
2019-11-25	CVE-2019-10214	Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. network high complexity redhat skopeo-project buildah-project libpod-project opensuse CWE-522	5.9