High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-27	CVE-2017-15119	Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. network low complexity qemu canonical debian redhat CWE-400	8.6
2018-07-26	CVE-2018-10879	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat	7.8
2018-07-26	CVE-2018-10878	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity canonical linux debian redhat	7.8
2018-07-19	CVE-2018-14404	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. network low complexity canonical debian xmlsoft CWE-476	7.5
2018-07-18	CVE-2018-3064	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle netapp canonical debian mariadb	7.1
2018-07-13	CVE-2018-10875	Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. local low complexity redhat debian suse canonical CWE-426	7.8
2018-07-06	CVE-2018-13406	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. local low complexity linux canonical debian CWE-190	7.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-29	CVE-2018-10860	Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. network low complexity debian canonical perl-archive-zip-project CWE-22	7.5
2018-06-28	CVE-2018-12931	Out-of-bounds Write vulnerability in multiple products ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. local low complexity linux canonical CWE-787	7.8