Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2996	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Deployment). network high complexity oracle netapp redhat	4.2
2019-10-16	CVE-2019-2975	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). network high complexity oracle redhat netapp debian opensuse mcafee canonical	4.8
2019-10-09	CVE-2019-6465	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. network low complexity isc redhat CWE-732	5.3
2019-09-30	CVE-2019-16994	Memory Leak vulnerability in multiple products In the Linux kernel before 5.0, a memory leak exists in sit_init_net() in net/ipv6/sit.c when register_netdev() fails to register sitn->fb_tunnel_dev, which may cause denial of service, aka CID-07f12b26e21a. local high complexity linux redhat opensuse CWE-401	4.7
2019-09-21	CVE-2019-16680	Path Traversal vulnerability in multiple products An issue was discovered in GNOME file-roller before 3.29.91. network low complexity gnome redhat debian canonical CWE-22	4.3
2019-09-17	CVE-2019-14826	Insufficient Session Expiration vulnerability in multiple products A flaw was found in FreeIPA versions 4.5.0 and later. local low complexity freeipa redhat CWE-613	4.4
2019-09-13	CVE-2019-15031	Improper Synchronization vulnerability in multiple products In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. local low complexity linux redhat canonical opensuse CWE-662	4.4
2019-09-13	CVE-2019-15030	Missing Authorization vulnerability in multiple products In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. local low complexity linux redhat canonical opensuse CWE-862	4.4
2019-09-11	CVE-2019-16233	NULL Pointer Dereference vulnerability in multiple products drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. local high complexity linux redhat canonical opensuse CWE-476	4.1
2019-09-11	CVE-2019-16231	NULL Pointer Dereference vulnerability in multiple products drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. local high complexity linux redhat canonical opensuse CWE-476	4.1