Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2949	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). network high complexity oracle debian netapp redhat canonical opensuse mcafee	6.8
2019-10-16	CVE-2019-2938	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network high complexity oracle mariadb fedoraproject canonical opensuse netapp	4.4
2019-10-14	CVE-2019-17595	Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. network low complexity gnu opensuse CWE-125	5.4
2019-10-14	CVE-2019-17594	Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. local low complexity gnu opensuse CWE-125	5.3
2019-10-10	CVE-2019-17451	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. network low complexity gnu opensuse canonical CWE-190	6.5
2019-10-10	CVE-2019-17450	Uncontrolled Recursion vulnerability in multiple products find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. network low complexity gnu opensuse canonical CWE-674	6.5
2019-10-03	CVE-2019-15165	Allocation of Resources Without Limits or Throttling vulnerability in multiple products sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory. network low complexity tcpdump debian opensuse oracle apple canonical fedoraproject CWE-770	5.3
2019-09-30	CVE-2019-16994	Memory Leak vulnerability in multiple products In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. local high complexity linux redhat opensuse CWE-401	4.7
2019-09-27	CVE-2019-9433	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible information disclosure due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5
2019-09-27	CVE-2019-9371	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible resource exhaustion due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5