High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-17	CVE-2018-14354	OS Command Injection vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian redhat CWE-78	7.5
2018-07-17	CVE-2018-14353	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian CWE-191	7.5
2018-07-17	CVE-2018-14352	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian CWE-787	7.5
2018-07-17	CVE-2018-14351	Improper Input Validation vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt canonical debian CWE-20	7.5
2018-07-17	CVE-2018-14350	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity mutt neomutt debian canonical CWE-787	7.5
2018-07-17	CVE-2018-14349	Improper Input Validation vulnerability in multiple products An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. network low complexity debian mutt neomutt canonical CWE-20	7.5
2018-07-11	CVE-2018-0500	Out-of-bounds Write vulnerability in multiple products Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value). network low complexity haxx canonical CWE-787	7.5
2018-07-06	CVE-2018-13406	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. local low complexity linux canonical debian CWE-190	7.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-07-01	CVE-2018-13043	Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. network low complexity debian canonical CWE-94	7.5