High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-12	CVE-2018-20102	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. network low complexity haproxy canonical redhat CWE-125	7.5
2018-12-12	CVE-2018-16867	Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. local high complexity qemu fedoraproject canonical CWE-362	7.8
2018-12-11	CVE-2018-18356	Use After Free vulnerability in multiple products An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian canonical redhat opensuse CWE-416	8.8
2018-12-07	CVE-2018-9518	Out-of-bounds Write vulnerability in multiple products In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google canonical CWE-787	7.2
2018-12-07	CVE-2018-5816	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file (Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804). network libraw canonical CWE-190	7.1
2018-12-07	CVE-2018-5815	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. network libraw canonical CWE-190	7.1
2018-12-07	CVE-2018-5813	Infinite Loop vulnerability in multiple products An error within the "parse_minolta()" function (dcraw/dcraw.c) in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file. network libraw canonical CWE-835	7.1
2018-12-07	CVE-2018-19931	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. local low complexity gnu netapp canonical CWE-787	7.8
2018-12-06	CVE-2018-9568	Incorrect Type Conversion or Cast vulnerability in multiple products In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. local low complexity google canonical redhat linux CWE-704	7.8
2018-11-29	CVE-2018-8788	Out-of-bounds Write vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. network low complexity freerdp canonical debian CWE-787	7.5