Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-11	CVE-2019-3460	Improper Input Validation vulnerability in multiple products A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1. low complexity linux canonical debian redhat CWE-20	6.5
2019-04-11	CVE-2019-3459	Out-of-bounds Read vulnerability in multiple products A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1. low complexity linux canonical redhat debian CWE-125	6.5
2019-04-11	CVE-2019-3837	Memory Leak vulnerability in multiple products It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. local low complexity linux redhat CWE-401	6.1
2019-04-10	CVE-2019-1003050	Cross-site Scripting vulnerability in multiple products The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names. network low complexity jenkins oracle redhat CWE-79	5.4
2019-04-09	CVE-2019-3893	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. network low complexity theforeman redhat CWE-732	4.9
2019-04-09	CVE-2019-3887	A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. local high complexity linux fedoraproject canonical redhat	5.6
2019-04-09	CVE-2019-3880	Path Traversal vulnerability in multiple products A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. network low complexity samba debian redhat fedoraproject opensuse CWE-22	5.4
2019-04-09	CVE-2019-0757	A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. network low complexity microsoft mono-project redhat	6.5
2019-04-05	CVE-2019-10876	An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. network low complexity openstack redhat	6.5
2019-04-04	CVE-2019-3886	An incorrect permissions check was discovered in libvirt 4.8.0 and above. low complexity redhat opensuse fedoraproject	5.4