High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-20	CVE-2019-10086	Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. network low complexity apache debian opensuse fedoraproject redhat oracle CWE-502	7.3
2019-08-13	CVE-2019-9514	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. network low complexity apple apache debian canonical synology fedoraproject opensuse redhat oracle mcafee netapp f5 nodejs CWE-770	7.5
2019-08-07	CVE-2019-14744	OS Command Injection vulnerability in multiple products In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. local low complexity kde debian fedoraproject opensuse canonical redhat CWE-78	7.8
2019-07-30	CVE-2018-16871	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. network low complexity linux redhat netapp CWE-476	7.5
2019-07-16	CVE-2019-13616	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. network low complexity libsdl debian opensuse fedoraproject canonical redhat CWE-125	8.1
2019-06-19	CVE-2019-3896	Use After Free vulnerability in multiple products A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. local low complexity linux redhat CWE-416	7.8
2019-05-07	CVE-2019-11811	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.4. local high complexity linux redhat opensuse CWE-416	7.0
2019-04-23	CVE-2019-2602	Resource Exhaustion vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). network low complexity oracle redhat opensuse canonical debian mcafee hp CWE-400	7.5
2019-04-23	CVE-2019-0223	While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS even when configured to verify the peer certificate while used with OpenSSL versions before 1.1.0. network high complexity apache redhat	7.4
2019-04-22	CVE-2019-11235	Insufficient Verification of Data Authenticity vulnerability in multiple products FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499. network low complexity freeradius fedoraproject redhat canonical opensuse CWE-345	7.5