Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-28	CVE-2019-11043	Out-of-bounds Write vulnerability in multiple products In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution. network low complexity php canonical debian fedoraproject tenable redhat CWE-787 critical	9.8
2019-09-06	CVE-2019-14813	Incorrect Authorization vulnerability in multiple products A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex redhat fedoraproject opensuse debian CWE-863 critical	9.8
2019-07-19	CVE-2019-1010238	Out-of-bounds Write vulnerability in multiple products Gnome Pango 1.42 and later is affected by: Buffer Overflow. network low complexity gnome oracle fedoraproject debian canonical redhat CWE-787 critical	9.8
2019-06-14	CVE-2019-10126	Heap-based Buffer Overflow vulnerability in multiple products A flaw was found in the Linux kernel. network low complexity linux redhat canonical debian opensuse netapp CWE-122 critical	9.8
2019-06-07	CVE-2019-10160	Encoding Error vulnerability in multiple products A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. network low complexity python redhat debian opensuse fedoraproject canonical netapp CWE-172 critical	9.8
2019-05-22	CVE-2019-7837	Use After Free vulnerability in multiple products Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. network adobe apple linux microsoft google redhat CWE-416 critical	9.3
2019-03-23	CVE-2019-9948	Path Traversal vulnerability in multiple products urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. network low complexity python opensuse debian fedoraproject canonical redhat CWE-22 critical	9.1
2019-03-08	CVE-2019-9636	Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. network low complexity python fedoraproject opensuse debian canonical redhat oracle critical	9.8
2019-02-19	CVE-2019-5759	Use After Free vulnerability in multiple products Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. network low complexity google debian redhat fedoraproject CWE-416 critical	9.6
2019-01-18	CVE-2018-15982	Use After Free vulnerability in Adobe Flash Player Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. network low complexity adobe apple linux microsoft google redhat CWE-416 critical	10.0