14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-02	CVE-2018-12896	Integer Overflow or Wraparound vulnerability in Linux Kernel An issue was discovered in the Linux kernel through 4.17.3. local low complexity linux debian canonical CWE-190	2.1
2018-07-02	CVE-2018-13053	Integer Overflow or Wraparound vulnerability in Linux Kernel The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. local low complexity linux canonical debian CWE-190	2.1
2018-06-29	CVE-2018-10860	Path Traversal vulnerability in multiple products perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. network low complexity canonical debian perl-archive-zip-project CWE-22	6.4
2018-06-26	CVE-2018-12900	Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file. network libtiff canonical CWE-787	6.8
2018-06-26	CVE-2018-1000517	Classic Buffer Overflow vulnerability in multiple products BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. network low complexity busybox debian canonical CWE-120	7.5
2018-06-26	CVE-2018-1000204	Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. network high complexity linux debian canonical	5.3
2018-06-21	CVE-2018-3665	Information Exposure vulnerability in multiple products System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. local intel citrix canonical debian freebsd redhat CWE-200	4.7
2018-06-21	CVE-2018-12617	Integer Overflow or Wraparound vulnerability in multiple products qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. network low complexity qemu canonical debian CWE-190	5.0
2018-06-20	CVE-2018-12600	Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. network canonical debian imagemagick CWE-787	6.8
2018-06-20	CVE-2018-12599	Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. network canonical debian imagemagick CWE-787	6.8