Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19066	Memory Leak vulnerability in multiple products A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. local high complexity linux redhat debian canonical fedoraproject opensuse CWE-401	4.7
2019-11-18	CVE-2019-19062	Memory Leak vulnerability in multiple products A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. local high complexity linux redhat debian canonical fedoraproject opensuse CWE-401	4.7
2019-11-14	CVE-2019-11135	TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. local low complexity opensuse fedoraproject slackware hp intel canonical debian redhat oracle	6.5
2019-11-08	CVE-2019-14824	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. network low complexity fedoraproject redhat debian CWE-732	6.5
2019-11-07	CVE-2019-18811	Memory Leak vulnerability in multiple products A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. local low complexity linux fedoraproject redhat CWE-401	5.5
2019-11-06	CVE-2016-1000037	Cross-site Scripting vulnerability in multiple products Pagure: XSS possible in file attachment endpoint network low complexity redhat fedoraproject CWE-79	6.1
2019-11-06	CVE-2014-8181	Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace. local low complexity redhat CWE-665	5.5
2019-11-05	CVE-2013-5661	Authentication Bypass by Spoofing vulnerability in multiple products Cache Poisoning issue exists in DNS Response Rate Limiting. network high complexity isc nlnetlabs nic redhat CWE-290	5.9
2019-11-01	CVE-2013-3718	Improper Input Validation vulnerability in multiple products evince is missing a check on number of pages which can lead to a segmentation fault local low complexity gnome debian redhat opensuse CWE-20	5.5
2019-10-16	CVE-2019-2999	Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). network high complexity oracle redhat netapp debian opensuse canonical	4.7