High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-26	CVE-2017-15715	Improper Input Validation vulnerability in multiple products In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. network high complexity apache debian canonical netapp redhat CWE-20	8.1
2018-03-26	CVE-2017-15710	Out-of-bounds Write vulnerability in multiple products In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. network low complexity apache debian canonical netapp redhat CWE-787	7.5
2018-03-22	CVE-2018-8905	Out-of-bounds Write vulnerability in multiple products In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. network low complexity libtiff debian canonical redhat CWE-787	8.8
2018-03-20	CVE-2018-8822	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code. local low complexity linux canonical debian CWE-119	7.8
2018-03-14	CVE-2018-1000120	Out-of-bounds Write vulnerability in multiple products A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. network low complexity debian canonical haxx redhat oracle CWE-787	7.5
2018-03-08	CVE-2018-7183	Out-of-bounds Write vulnerability in multiple products Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. network low complexity ntp freebsd canonical netapp CWE-787	7.5
2018-03-02	CVE-2018-1058	A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. network low complexity postgresql canonical redhat	8.8
2018-03-02	CVE-2018-1066	NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. network linux debian canonical CWE-476	7.1
2018-03-01	CVE-2017-18211	NULL Pointer Dereference vulnerability in multiple products In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel. network low complexity imagemagick canonical CWE-476	7.5
2018-03-01	CVE-2018-7584	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. network low complexity php canonical debian CWE-119	7.5