High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-7221	Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. local low complexity linux opensuse fedoraproject debian canonical netapp redhat CWE-416	7.8
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8
2019-03-14	CVE-2019-3816	Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse	7.5
2019-02-28	CVE-2018-12397	Information Exposure vulnerability in multiple products A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. local low complexity mozilla redhat debian canonical CWE-200	7.1
2019-02-28	CVE-2018-12395	By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. network low complexity mozilla debian canonical redhat	7.5
2019-02-28	CVE-2018-12393	Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. network low complexity mozilla debian canonical redhat CWE-190	7.5
2019-02-28	CVE-2018-12389	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. network low complexity mozilla debian canonical redhat CWE-119	8.8
2019-02-19	CVE-2019-5782	Out-of-bounds Write vulnerability in multiple products Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-787	8.8
2019-02-19	CVE-2019-5780	Improper Input Validation vulnerability in multiple products Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events. local low complexity google redhat debian fedoraproject CWE-20	7.8
2019-02-19	CVE-2019-5774	Missing Authorization vulnerability in multiple products Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .desktop file. network low complexity google debian redhat fedoraproject CWE-862	8.8