Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-08	CVE-2019-14824	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission to display attribute values. network low complexity fedoraproject redhat debian CWE-732	6.5
2019-11-07	CVE-2019-18811	Memory Leak vulnerability in multiple products A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380358b1. local low complexity linux fedoraproject redhat CWE-401	5.5
2019-11-06	CVE-2016-1000037	Cross-site Scripting vulnerability in multiple products Pagure: XSS possible in file attachment endpoint network low complexity redhat fedoraproject CWE-79	6.1
2019-11-06	CVE-2014-8181	Improper Initialization vulnerability in Redhat Enterprise Linux and Enterprise MRG The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace. local low complexity redhat CWE-665	5.5
2019-11-05	CVE-2013-5661	Authentication Bypass by Spoofing vulnerability in multiple products Cache Poisoning issue exists in DNS Response Rate Limiting. network high complexity isc nlnetlabs nic redhat CWE-290	5.9
2019-11-01	CVE-2013-3718	Improper Input Validation vulnerability in multiple products evince is missing a check on number of pages which can lead to a segmentation fault local low complexity gnome debian redhat opensuse CWE-20	5.5
2019-10-16	CVE-2019-2999	Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). network high complexity oracle redhat netapp debian opensuse canonical	4.7
2019-10-16	CVE-2019-2996	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). network high complexity oracle netapp redhat	4.2
2019-10-16	CVE-2019-2975	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). network high complexity oracle redhat netapp debian opensuse mcafee canonical	4.8
2019-10-09	CVE-2019-6465	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. network low complexity isc redhat CWE-732	5.3