High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-03	CVE-2020-5395	Use After Free vulnerability in multiple products FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. network low complexity fontforge fedoraproject opensuse CWE-416	8.8
2019-12-27	CVE-2019-20014	Double Free vulnerability in multiple products An issue was discovered in GNU LibreDWG before 0.93. network low complexity gnu opensuse CWE-415	8.8
2019-12-27	CVE-2019-20011	Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. network low complexity gnu opensuse CWE-125	8.8
2019-12-27	CVE-2019-20010	Use After Free vulnerability in multiple products An issue was discovered in GNU LibreDWG 0.92. network low complexity gnu opensuse CWE-416	8.8
2019-12-26	CVE-2019-15695	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. network low complexity tigervnc opensuse CWE-754	7.2
2019-12-26	CVE-2019-15694	Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow, which could be triggered from DecodeManager::decodeRect. network low complexity tigervnc opensuse CWE-787	7.2
2019-12-26	CVE-2019-15692	Out-of-bounds Write vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. network low complexity tigervnc opensuse CWE-787	7.2
2019-12-26	CVE-2019-15691	Operation on a Resource after Expiration or Release vulnerability in multiple products TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. network low complexity tigervnc opensuse CWE-672	7.2
2019-12-24	CVE-2019-19925	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-434	7.5
2019-12-24	CVE-2019-19923	NULL Pointer Dereference vulnerability in multiple products flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-476	7.5