High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-17024	Out-of-bounds Write vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 71 and Firefox ESR 68.3. network low complexity mozilla canonical debian redhat opensuse CWE-787	8.8
2020-01-08	CVE-2019-17017	Type Confusion vulnerability in multiple products Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. network low complexity mozilla canonical debian redhat CWE-843	8.8
2020-01-08	CVE-2019-11745	Out-of-bounds Write vulnerability in multiple products When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. network low complexity mozilla opensuse canonical debian redhat siemens CWE-787	8.8
2020-01-07	CVE-2019-14819	Unspecified vulnerability in Redhat Openshift Container Platform 3.10/3.11 A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. network low complexity redhat	8.8
2020-01-07	CVE-2019-14866	In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. local low complexity gnu redhat	7.3
2020-01-07	CVE-2019-14843	Incorrect Authorization vulnerability in Redhat products A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. network low complexity redhat CWE-863	8.8
2019-12-30	CVE-2013-0264	Improper Certificate Validation vulnerability in Redhat MRG Management Console R5310 An import error was introduced in Cumin in the code refactoring in r5310. network low complexity redhat CWE-295	7.5
2019-12-26	CVE-2019-16789	HTTP Request Smuggling vulnerability in multiple products In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. network low complexity agendaless oracle debian fedoraproject redhat CWE-444	8.2
2019-12-24	CVE-2019-19925	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-434	7.5
2019-12-24	CVE-2019-19923	NULL Pointer Dereference vulnerability in multiple products flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. network low complexity sqlite siemens oracle debian redhat suse opensuse netapp CWE-476	7.5