Vulnerabilities > Canonical > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-29 | CVE-2018-10549 | Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 6.8 |
| 2018-04-29 | CVE-2018-10548 | NULL Pointer Dereference vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 5.0 |
| 2018-04-29 | CVE-2018-10547 | Cross-site Scripting vulnerability in PHP An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 4.3 |
| 2018-04-29 | CVE-2018-10546 | Infinite Loop vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 5.0 |
| 2018-04-29 | CVE-2018-10529 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in LibRaw 0.18.9. | 6.8 |
| 2018-04-29 | CVE-2018-10528 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibRaw 0.18.9. | 6.8 |
| 2018-04-24 | CVE-2018-10323 | NULL Pointer Dereference vulnerability in multiple products The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. | 4.9 |
| 2018-04-19 | CVE-2018-2846 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). | 4.0 |
| 2018-04-19 | CVE-2018-2839 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.0 |
| 2018-04-19 | CVE-2018-2819 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |