Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-05	CVE-2019-9213	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. local low complexity linux debian redhat opensuse canonical CWE-476	5.5
2019-03-05	CVE-2018-19640	Improper Input Validation vulnerability in Opensuse Supportutils 3.0.1095.51.1 If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. local low complexity opensuse CWE-20	5.5
2019-03-05	CVE-2018-19638	Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files. local high complexity opensuse CWE-59	4.7
2019-03-05	CVE-2018-19637	Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection local low complexity opensuse CWE-59	5.5
2019-02-28	CVE-2019-9209	Off-by-one Error vulnerability in multiple products In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. local low complexity wireshark debian canonical opensuse CWE-193	5.5
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-19	CVE-2019-3812	QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. local low complexity qemu fedoraproject canonical opensuse	5.5
2019-02-18	CVE-2019-8906	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. local low complexity file-project canonical opensuse apple CWE-125	4.4
2019-02-18	CVE-2019-8905	Out-of-bounds Read vulnerability in multiple products do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360. local low complexity debian file-project canonical opensuse CWE-125	4.4
2019-02-09	CVE-2019-7665	Out-of-bounds Read vulnerability in multiple products In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. local low complexity elfutils-project debian canonical opensuse redhat CWE-125	5.5