Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-07	CVE-2019-18805	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. network low complexity linux opensuse redhat netapp broadcom CWE-190 critical	9.8
2019-11-07	CVE-2019-18804	NULL Pointer Dereference vulnerability in multiple products DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp. network low complexity djvulibre-project debian fedoraproject canonical opensuse CWE-476	7.5
2019-11-06	CVE-2019-14847	NULL Pointer Dereference vulnerability in multiple products A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. network low complexity samba opensuse fedoraproject CWE-476	4.9
2019-11-06	CVE-2019-14833	Weak Password Requirements vulnerability in multiple products A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. network low complexity samba opensuse fedoraproject CWE-521	5.4
2019-11-05	CVE-2019-5068	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library 19.1.2. local low complexity mesa3d opensuse debian canonical CWE-732	4.4
2019-11-05	CVE-2016-4983	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files. local low complexity dovecot opensuse redhat CWE-732	3.3
2019-11-05	CVE-2016-1000002	Information Exposure vulnerability in multiple products gdm3 3.14.2 and possibly later has an information leak before screen lock low complexity gnome redhat debian opensuse CWE-200	2.4
2019-11-04	CVE-2017-5333	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the extract_group_icon_cursor_resource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) or execute arbitrary code via a crafted executable file. local low complexity icoutils-project redhat canonical debian opensuse CWE-190	7.8
2019-11-04	CVE-2017-5332	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. local low complexity icoutils-project redhat canonical debian opensuse CWE-119	7.8
2019-11-04	CVE-2017-5331	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the check_offset function in b/wrestool/fileread.c in icoutils before 0.31.1 allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable. local low complexity icoutils-project canonical debian opensuse CWE-190	7.8