High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-24	CVE-2018-20843	XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611	7.5
2019-06-17	CVE-2019-8323	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-74	7.5
2019-06-17	CVE-2019-8322	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-74	7.5
2019-06-17	CVE-2019-8321	Argument Injection or Modification vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse CWE-88	7.5
2019-06-17	CVE-2019-8325	Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems opensuse debian CWE-74	7.5
2019-06-17	CVE-2019-8324	Code Injection vulnerability in multiple products An issue was discovered in RubyGems 2.6 and later through 3.0.2. network low complexity rubygems debian opensuse redhat CWE-94	8.8
2019-06-03	CVE-2019-3846	A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. low complexity linux redhat canonical netapp fedoraproject debian opensuse	8.8
2019-05-29	CVE-2019-12447	An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. network low complexity gnome canonical opensuse fedoraproject	7.3
2019-05-28	CVE-2019-5436	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. local low complexity haxx opensuse fedoraproject debian f5 netapp oracle CWE-787	7.8
2019-05-23	CVE-2019-5796	Out-of-bounds Write vulnerability in multiple products Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network high complexity google opensuse CWE-787	7.5