High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-14	CVE-2015-3150	Improper Input Validation vulnerability in Redhat Automatic BUG Reporting Tool abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method. local low complexity redhat CWE-20	7.1
2020-01-14	CVE-2015-1869	Link Following vulnerability in Redhat Automatic BUG Reporting Tool The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file. local low complexity redhat CWE-59	7.8
2020-01-14	CVE-2014-7844	Injection vulnerability in multiple products BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. local low complexity redhat debian bsd-mailx-project CWE-74	7.8
2020-01-13	CVE-2020-6851	Out-of-bounds Write vulnerability in multiple products OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. network low complexity uclouvain fedoraproject debian redhat oracle CWE-787	7.5
2020-01-10	CVE-2020-6377	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject redhat debian CWE-416	8.8
2020-01-09	CVE-2014-2686	Always-Incorrect Control Flow Implementation vulnerability in Redhat Ansible Ansible prior to 1.5.4 mishandles the evaluation of some strings. network low complexity redhat CWE-670	7.5
2020-01-07	CVE-2019-14819	Privilege Context Switching Error vulnerability in Redhat Openshift Container Platform 3.10/3.11 A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. network low complexity redhat CWE-270	8.8
2020-01-07	CVE-2019-14866	In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. local low complexity gnu redhat	7.3
2019-12-26	CVE-2019-16789	HTTP Request Smuggling vulnerability in multiple products In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. network low complexity agendaless oracle debian fedoraproject redhat CWE-444	8.2
2019-12-23	CVE-2019-18390	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in the vrend_blit_need_swizzle function in vrend_renderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGL_CCMD_BLIT commands. local low complexity virglrenderer-project redhat opensuse debian CWE-125	7.1