High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2018-12023	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-03-21	CVE-2018-12022	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-02-12	CVE-2018-20781	Insufficiently Protected Credentials vulnerability in multiple products In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. local low complexity gnome canonical oracle CWE-522	7.8
2019-02-06	CVE-2019-7548	SQL Injection vulnerability in multiple products SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled. local low complexity sqlalchemy debian opensuse redhat oracle CWE-89	7.8
2019-02-06	CVE-2019-3823	Out-of-bounds Read vulnerability in multiple products libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. network low complexity haxx canonical debian netapp oracle CWE-125	7.5
2019-02-06	CVE-2018-16890	Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. network low complexity haxx canonical debian netapp siemens oracle redhat f5 CWE-190	7.5
2019-01-30	CVE-2019-0190	A bug exists in the way mod_ssl handled client renegotiations. network low complexity apache oracle	7.5
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-16	CVE-2019-2552	Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). local low complexity oracle	8.8
2019-01-16	CVE-2019-2548	Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). local low complexity oracle	7.8