High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-25	CVE-2019-14822	Missing Authorization vulnerability in multiple products A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. local low complexity ibus-project redhat canonical oracle CWE-862	7.1
2019-11-25	CVE-2019-14815	A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. local low complexity linux redhat netapp	7.8
2019-11-22	CVE-2012-0877	Resource Exhaustion vulnerability in multiple products PyXML: Hash table collisions CPU usage Denial of Service network low complexity python redhat CWE-400	7.5
2019-11-20	CVE-2013-1817	Information Exposure vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. network low complexity mediawiki debian redhat fedoraproject CWE-200	7.5
2019-11-20	CVE-2013-1816	Improper Input Validation vulnerability in multiple products MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. network low complexity mediawiki debian redhat fedoraproject CWE-20	7.5
2019-11-19	CVE-2011-4967	Improper Input Validation vulnerability in multiple products tog-Pegasus has a package hash collision DoS vulnerability network low complexity openpegasus redhat CWE-20	7.5
2019-11-15	CVE-2011-2726	Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. network low complexity drupal debian redhat fedoraproject CWE-863	7.5
2019-11-15	CVE-2016-5285	NULL Pointer Dereference vulnerability in multiple products A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service. network low complexity mozilla debian redhat suse avaya CWE-476	7.5
2019-11-14	CVE-2012-1168	Improper Input Validation vulnerability in multiple products Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. network low complexity moodle fedoraproject redhat CWE-20	8.2
2019-11-14	CVE-2012-1156	Information Exposure Through Log Files vulnerability in multiple products Moodle before 2.2.2 has users' private files included in course backups network low complexity moodle fedoraproject redhat CWE-532	7.5