Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2
2019-06-11	CVE-2019-0220	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. network low complexity apache opensuse debian fedoraproject canonical CWE-706	5.3
2019-06-03	CVE-2019-12614	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. local high complexity linux redhat canonical opensuse fedoraproject CWE-476	4.1
2019-05-29	CVE-2019-12449	Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject CWE-755	5.7
2019-05-23	CVE-2019-5804	Argument Injection or Modification vulnerability in multiple products Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a local attacker to perform domain spoofing via a crafted domain name. local low complexity google opensuse CWE-88	5.5
2019-05-23	CVE-2019-5803	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5802	Incorrect handling of download origins in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse	6.5
2019-05-23	CVE-2019-5801	Improper Input Validation vulnerability in multiple products Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google opensuse CWE-20	6.5
2019-05-23	CVE-2019-5800	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to bypass content security policy via a crafted HTML page. network low complexity google opensuse CWE-20	6.5