12.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-23	CVE-2018-1122	procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. local high complexity procps-ng-project canonical debian	7.0
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	5.5
2018-05-16	CVE-2018-11214	An issue was discovered in libjpeg 9a. network low complexity ijg debian canonical	6.5
2018-05-16	CVE-2018-11213	An issue was discovered in libjpeg 9a. network low complexity ijg debian canonical	6.5
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network low complexity ijg debian canonical netapp oracle redhat opensuse CWE-369	6.5
2018-05-06	CVE-2018-0494	Improper Input Validation vulnerability in multiple products GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. network low complexity gnu canonical debian redhat CWE-20	6.5
2018-04-29	CVE-2018-10548	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-476	7.5
2018-04-29	CVE-2018-10547	Cross-site Scripting vulnerability in multiple products An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-79	6.1
2018-04-29	CVE-2018-10545	Information Exposure vulnerability in multiple products An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. local high complexity php canonical debian netapp CWE-200	4.7
2018-04-23	CVE-2018-8781	Integer Overflow or Wraparound vulnerability in multiple products The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. local low complexity linux canonical debian redhat CWE-190	7.8