14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-18	CVE-2018-12360	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. network low complexity redhat debian canonical mozilla CWE-416	8.8
2018-10-18	CVE-2018-12359	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. network redhat debian canonical mozilla CWE-119	6.8
2018-10-18	CVE-2018-12358	Information Exposure vulnerability in multiple products Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. network mozilla canonical CWE-200	4.3
2018-10-17	CVE-2018-18386	Incorrect Type Conversion or Cast vulnerability in Linux Kernel drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. local low complexity linux canonical CWE-704	2.1
2018-10-17	CVE-2018-18445	Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. local low complexity linux canonical redhat CWE-125	7.8
2018-10-17	CVE-2018-10933	Improper Authentication vulnerability in multiple products A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. network low complexity libssh canonical debian redhat netapp oracle CWE-287	6.4
2018-10-17	CVE-2018-3284	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network high complexity oracle canonical netapp mariadb	4.4
2018-10-17	CVE-2018-3283	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). network oracle netapp microsoft canonical	3.5
2018-10-17	CVE-2018-3282	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). network low complexity oracle netapp canonical debian mariadb redhat	4.9
2018-10-17	CVE-2018-3278	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). network low complexity oracle netapp microsoft canonical	4.0