High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-17	CVE-2018-6913	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. network low complexity debian perl canonical CWE-787	7.5
2018-04-17	CVE-2018-6797	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Perl 5.18 through 5.26. network low complexity debian perl canonical redhat CWE-787	7.5
2018-04-16	CVE-2018-10120	Improper Validation of Array Index vulnerability in multiple products The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. local low complexity debian libreoffice redhat canonical CWE-129	7.8
2018-04-16	CVE-2018-10119	Use After Free vulnerability in multiple products sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. local low complexity libreoffice debian redhat canonical CWE-416	7.8
2018-04-12	CVE-2018-1084	Integer Overflow or Wraparound vulnerability in multiple products corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. network low complexity corosync debian redhat canonical CWE-190	7.5
2018-04-11	CVE-2018-1100	Classic Buffer Overflow vulnerability in multiple products zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. local low complexity zsh canonical redhat CWE-120	7.8
2018-04-03	CVE-2018-9240	NULL Pointer Dereference vulnerability in multiple products ncmpc through 0.29 is prone to a NULL pointer dereference flaw. network low complexity ncmpc-project debian canonical CWE-476	7.5
2018-04-03	CVE-2018-8780	Path Traversal vulnerability in Ruby-Lang Ruby In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. network low complexity ruby-lang canonical debian CWE-22	7.5
2018-03-28	CVE-2018-1083	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. local low complexity zsh canonical debian redhat CWE-119	7.8
2018-03-26	CVE-2018-1303	Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. network low complexity apache debian canonical netapp CWE-125	7.5