High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-24	CVE-2017-18075	Release of Invalid Pointer or Reference vulnerability in multiple products crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. local low complexity linux canonical CWE-763	7.8
2018-01-21	CVE-2016-10708	NULL Pointer Dereference vulnerability in multiple products sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. network low complexity openbsd debian canonical netapp CWE-476	7.5
2018-01-18	CVE-2018-2637	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). network high complexity oracle redhat debian canonical schneider-electric hp	7.4
2018-01-18	CVE-2018-2633	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network high complexity oracle redhat debian canonical schneider-electric hp	8.3
2018-01-18	CVE-2018-2612	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle mariadb netapp canonical debian	7.5
2018-01-18	CVE-2018-2562	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). network low complexity oracle mariadb debian canonical netapp redhat	7.5
2018-01-17	CVE-2018-5764	The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism. network low complexity samba debian canonical	7.5
2018-01-12	CVE-2017-18028	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file. network imagemagick canonical CWE-770	7.1
2018-01-11	CVE-2018-5332	Out-of-bounds Write vulnerability in multiple products In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c). local low complexity linux debian canonical CWE-787	7.8
2018-01-03	CVE-2017-1000476	Resource Exhaustion vulnerability in multiple products ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. network imagemagick debian canonical CWE-400	7.1