14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-28	CVE-2018-1083	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. local low complexity zsh canonical debian redhat CWE-119	7.8
2018-03-27	CVE-2018-0739	Uncontrolled Recursion vulnerability in multiple products Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. network low complexity openssl debian canonical CWE-674	6.5
2018-03-27	CVE-2018-0202	Out-of-bounds Read vulnerability in multiple products clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. network clamav canonical debian CWE-125	4.3
2018-03-27	CVE-2017-18254	Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. network imagemagick canonical CWE-772	4.3
2018-03-27	CVE-2017-18252	Reachable Assertion vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. network imagemagick canonical CWE-617	4.3
2018-03-27	CVE-2017-18251	Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. network imagemagick canonical CWE-772	4.3
2018-03-26	CVE-2018-1312	Improper Authentication vulnerability in multiple products In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. network low complexity apache canonical debian netapp redhat CWE-287 critical	9.8
2018-03-26	CVE-2018-1303	Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. network low complexity apache debian canonical netapp CWE-125	7.5
2018-03-26	CVE-2018-1301	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. network high complexity apache debian canonical netapp redhat CWE-119	5.9
2018-03-26	CVE-2018-1283	In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. network high complexity apache debian canonical netapp redhat	5.3