Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-27	CVE-2019-5810	Cleartext Storage of Sensitive Information vulnerability in multiple products Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-312	6.5
2019-06-27	CVE-2019-5805	Use After Free vulnerability in multiple products Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google opensuse debian fedoraproject CWE-416	6.5
2019-06-26	CVE-2019-12976	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in coders/pcl.c. local low complexity imagemagick debian canonical opensuse CWE-401	5.5
2019-06-26	CVE-2019-12975	Memory Leak vulnerability in multiple products ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXImage function in coders/dpx.c. local low complexity imagemagick debian canonical opensuse CWE-401	5.5
2019-06-26	CVE-2019-12973	Excessive Iteration vulnerability in multiple products In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. local low complexity uclouvain opensuse debian oracle CWE-834	5.5
2019-06-26	CVE-2019-12972	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. local low complexity gnu opensuse canonical CWE-125	5.5
2019-06-25	CVE-2019-9836	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor (PSP; aka AMD Secure Processor or AMD-SP) 0.17 build 11 and earlier has an insecure cryptographic implementation. network low complexity amd opensuse CWE-327	5.3
2019-06-20	CVE-2019-12904	Exposure of Resource to Wrong Sphere vulnerability in multiple products In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. network high complexity gnupg opensuse CWE-668	5.9
2019-06-19	CVE-2019-11038	Use of Uninitialized Resource vulnerability in multiple products When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. network low complexity libgd php canonical debian fedoraproject suse opensuse redhat CWE-908	5.3
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2