High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-07	CVE-2019-7574	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c. network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7573	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop). network low complexity libsdl debian opensuse fedoraproject canonical CWE-125	8.8
2019-02-07	CVE-2019-7572	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c. network low complexity libsdl debian opensuse canonical fedoraproject CWE-125	8.8
2019-02-06	CVE-2019-7548	SQL Injection vulnerability in multiple products SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. local low complexity sqlalchemy debian opensuse redhat oracle CWE-89	7.8
2019-02-05	CVE-2019-7398	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7397	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c. network low complexity imagemagick graphicsmagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7396	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-02-05	CVE-2019-7395	Memory Leak vulnerability in multiple products In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c. network low complexity imagemagick opensuse debian canonical CWE-401	7.5
2019-01-24	CVE-2019-6486	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks. network low complexity golang debian opensuse CWE-770	8.2
2019-01-16	CVE-2018-5740	Reachable Assertion vulnerability in multiple products "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. network low complexity isc redhat debian netapp canonical hp opensuse CWE-617	7.5