High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2018-20615	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. network low complexity haproxy opensuse canonical redhat CWE-125	7.5
2019-03-21	CVE-2018-12023	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-03-21	CVE-2018-12022	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-03-14	CVE-2019-3816	Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse	7.5
2019-03-09	CVE-2019-9640	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php canonical debian opensuse netapp redhat CWE-125	7.5
2019-03-09	CVE-2019-9639	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-909	7.5
2019-03-09	CVE-2019-9638	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-125	7.5
2019-02-28	CVE-2018-12397	Information Exposure vulnerability in multiple products A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. local low complexity mozilla redhat debian canonical CWE-200	7.1
2019-02-28	CVE-2018-12395	By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. network low complexity mozilla debian canonical redhat	7.5
2019-02-28	CVE-2018-12393	Integer Overflow or Wraparound vulnerability in multiple products A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. network low complexity mozilla debian canonical redhat CWE-190	7.5