High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-04	CVE-2018-9234	Key Management Errors vulnerability in multiple products GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. network low complexity gnupg canonical CWE-320	7.5
2018-04-03	CVE-2018-9240	NULL Pointer Dereference vulnerability in multiple products ncmpc through 0.29 is prone to a NULL pointer dereference flaw. network low complexity ncmpc-project debian canonical CWE-476	7.5
2018-04-03	CVE-2018-8779	Improper Input Validation vulnerability in multiple products In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters. network low complexity ruby-lang canonical debian CWE-20	7.5
2018-04-03	CVE-2018-8778	Use of Externally-Controlled Format String vulnerability in multiple products In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. network low complexity ruby-lang canonical debian redhat CWE-134	7.5
2018-04-03	CVE-2018-8777	Resource Exhaustion vulnerability in multiple products In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). network low complexity ruby-lang debian canonical redhat CWE-400	7.5
2018-04-03	CVE-2018-6914	Path Traversal vulnerability in multiple products Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. network low complexity ruby-lang canonical debian redhat CWE-22	7.5
2018-04-03	CVE-2018-4165	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple webkitgtk canonical CWE-119	8.8
2018-04-03	CVE-2018-4163	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple webkitgtk canonical CWE-119	8.8
2018-04-03	CVE-2018-4162	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple canonical webkitgtk CWE-119	8.8
2018-04-03	CVE-2018-4161	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple canonical CWE-119	8.8