High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-03	CVE-2019-5164	Missing Authentication for Critical Function vulnerability in multiple products An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. local low complexity shadowsocks opensuse CWE-306	7.8
2019-12-03	CVE-2019-5163	Missing Authentication for Critical Function vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. network low complexity shadowsocks opensuse CWE-306	7.5
2019-12-03	CVE-2016-1000104	Improper Input Validation vulnerability in multiple products A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. network low complexity apache opensuse CWE-20	8.8
2019-11-26	CVE-2019-16255	Code Injection vulnerability in multiple products Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. network high complexity ruby-lang debian opensuse oracle CWE-94	8.1
2019-11-25	CVE-2019-13723	Use After Free vulnerability in multiple products Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse redhat CWE-416	8.8
2019-11-25	CVE-2019-13720	Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse CWE-416	8.8
2019-11-25	CVE-2019-13706	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. local low complexity google opensuse CWE-787	7.8
2019-11-25	CVE-2019-13702	Improper Privilege Management vulnerability in multiple products Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable. local low complexity google opensuse CWE-269	7.8
2019-11-25	CVE-2019-13700	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse CWE-787	8.8
2019-11-25	CVE-2019-13699	Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse CWE-416	8.8