High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-28	CVE-2019-18276	Improper Check for Dropped Privileges vulnerability in multiple products An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. local low complexity gnu netapp oracle CWE-273	7.8
2019-11-26	CVE-2019-16255	Code Injection vulnerability in multiple products Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. network high complexity ruby-lang debian opensuse oracle CWE-94	8.1
2019-11-25	CVE-2019-19244	sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. network low complexity sqlite canonical oracle siemens	7.5
2019-11-25	CVE-2019-14822	Missing Authorization vulnerability in multiple products A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. local low complexity ibus-project redhat canonical oracle CWE-862	7.1
2019-11-18	CVE-2019-19052	Memory Leak vulnerability in multiple products A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. network low complexity linux debian canonical opensuse oracle netapp broadcom CWE-401	7.5
2019-10-29	CVE-2019-0210	Out-of-bounds Read vulnerability in multiple products In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. network low complexity apache redhat oracle CWE-125	7.5
2019-10-29	CVE-2019-0205	Infinite Loop vulnerability in multiple products In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. network low complexity apache redhat oracle CWE-835	7.5
2019-10-16	CVE-2019-3028	Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local low complexity oracle	8.8
2019-10-16	CVE-2019-3017	Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local low complexity oracle	8.2
2019-10-16	CVE-2019-3010	Unspecified vulnerability in Oracle Solaris 11 Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). local low complexity oracle	8.8