High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-04	CVE-2017-18595	Double Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.14.11. local low complexity linux opensuse CWE-415	7.8
2019-09-04	CVE-2019-15917	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.5. local high complexity linux debian opensuse CWE-416	7.0
2019-09-03	CVE-2019-14817	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat opensuse fedoraproject debian CWE-863	7.8
2019-09-03	CVE-2019-14811	Incorrect Authorization vulnerability in multiple products A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. local low complexity artifex redhat fedoraproject opensuse debian CWE-863	7.8
2019-09-02	CVE-2019-15847	Insufficient Entropy vulnerability in multiple products The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. network low complexity gnu opensuse CWE-331	7.5
2019-08-25	CVE-2019-15538	Resource Exhaustion vulnerability in multiple products An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. network low complexity linux canonical netapp opensuse debian fedoraproject CWE-400	7.5
2019-08-20	CVE-2019-10086	Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. network low complexity apache debian opensuse fedoraproject redhat oracle CWE-502	7.3
2019-08-20	CVE-2019-2126	Double Free vulnerability in multiple products In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. network low complexity google fedoraproject canonical opensuse CWE-415	8.8
2019-08-15	CVE-2019-9852	Path Traversal vulnerability in multiple products LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. local low complexity debian canonical opensuse fedoraproject libreoffice CWE-22	7.8
2019-08-15	CVE-2019-12854	Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. network low complexity squid-cache debian fedoraproject canonical opensuse	7.5