Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-15	CVE-2019-3811	A vulnerability was found in sssd. low complexity fedoraproject debian opensuse redhat	5.2
2018-12-26	CVE-2018-19871	Resource Exhaustion vulnerability in multiple products An issue was discovered in Qt before 5.11.3. network low complexity qt opensuse CWE-400	6.5
2018-12-26	CVE-2018-19869	Improper Input Validation vulnerability in multiple products An issue was discovered in Qt before 5.11.3. network low complexity qt opensuse CWE-20	6.5
2018-12-26	CVE-2018-20482	Infinite Loop vulnerability in multiple products GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root). local high complexity gnu debian opensuse CWE-835	4.7
2018-12-26	CVE-2018-20467	Infinite Loop vulnerability in multiple products In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. network low complexity imagemagick opensuse debian canonical CWE-835	6.5
2018-12-20	CVE-2018-20126	Missing Release of Resource after Effective Lifetime vulnerability in multiple products hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. local low complexity qemu canonical opensuse CWE-772	5.5
2018-12-20	CVE-2018-1000880	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. network low complexity libarchive canonical opensuse fedoraproject CWE-119	6.5
2018-12-20	CVE-2018-1000879	NULL Pointer Dereference vulnerability in multiple products libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. network low complexity libarchive opensuse fedoraproject CWE-476	6.5
2018-12-13	CVE-2018-16872	A flaw was found in qemu Media Transfer Protocol (MTP). network high complexity qemu debian fedoraproject canonical opensuse	5.3
2018-12-13	CVE-2018-19489	Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. local high complexity qemu debian fedoraproject canonical opensuse CWE-362	4.7