High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-18	CVE-2019-8506	Type Confusion vulnerability in multiple products A type confusion issue was addressed with improved memory handling. network low complexity apple redhat CWE-843	8.8
2019-12-18	CVE-2012-2312	Improper Privilege Management vulnerability in Redhat products An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated privileges. local low complexity redhat CWE-269	7.8
2019-12-18	CVE-2019-19880	NULL Pointer Dereference vulnerability in multiple products exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. network low complexity sqlite netapp debian suse redhat opensuse oracle siemens CWE-476	7.5
2019-12-15	CVE-2014-3701	Race Condition vulnerability in Redhat Edeploy and Jboss Enterprise web Server eDeploy has tmp file race condition flaws network high complexity redhat CWE-362	8.1
2019-12-13	CVE-2014-0197	Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms and Cloudforms Management Engine CFME: CSRF protection vulnerability via permissive check of the referrer header network low complexity redhat CWE-352	8.8
2019-12-13	CVE-2019-16776	Path Traversal vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. network low complexity npmjs opensuse oracle fedoraproject redhat CWE-22	8.1
2019-12-11	CVE-2014-0163	OS Command Injection vulnerability in Redhat Openshift 1.0/2.0 Openshift has shell command injection flaws due to unsanitized data being passed into shell commands. network low complexity redhat CWE-78	8.8
2019-12-10	CVE-2019-13764	Type Confusion vulnerability in multiple products Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse redhat CWE-843	8.8
2019-12-10	CVE-2019-13747	Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject redhat CWE-908	8.8
2019-12-10	CVE-2019-13741	Cross-site Scripting vulnerability in multiple products Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content. network low complexity google debian fedoraproject redhat CWE-79	8.8