High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-07	CVE-2018-16844	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. network low complexity f5 debian canonical apple CWE-400	7.8
2018-11-07	CVE-2018-16843	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. network low complexity f5 debian canonical opensuse apple CWE-400	7.8
2018-11-06	CVE-2018-9516	Out-of-bounds Write vulnerability in multiple products In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google debian canonical CWE-787	7.2
2018-11-06	CVE-2018-9363	Integer Overflow or Wraparound vulnerability in multiple products In the hidp_process_report in bluetooth, there is an integer overflow. local low complexity google canonical debian linux CWE-190	8.4
2018-10-31	CVE-2016-6328	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in libexif. network low complexity libexif-project debian canonical CWE-190	8.1
2018-10-31	CVE-2018-16840	Use After Free vulnerability in multiple products A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. network low complexity haxx canonical CWE-416	7.5
2018-10-29	CVE-2018-18751	Double Free vulnerability in multiple products An issue was discovered in GNU gettext 0.19.8. network low complexity gnu canonical redhat CWE-415	7.5
2018-10-26	CVE-2018-15687	Race Condition vulnerability in multiple products A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. local high complexity canonical systemd-project CWE-362	7.0
2018-10-26	CVE-2018-15686	Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. local low complexity debian canonical systemd-project oracle CWE-502	7.8
2018-10-26	CVE-2018-18653	Improper Verification of Cryptographic Signature vulnerability in Canonical Ubuntu Linux 18.10 The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. local low complexity canonical CWE-347	7.2