14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-19	CVE-2018-10811	Missing Initialization of Resource vulnerability in multiple products strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. network low complexity strongswan debian canonical fedoraproject CWE-909	7.5
2018-06-19	CVE-2018-1061	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. network low complexity python debian redhat canonical fedoraproject	7.5
2018-06-18	CVE-2018-1152	Divide By Zero vulnerability in multiple products libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image. network libjpeg-turbo canonical debian CWE-369	4.3
2018-06-18	CVE-2018-1060	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. network low complexity python fedoraproject canonical redhat debian	7.5
2018-06-14	CVE-2018-11574	Integer Overflow or Wraparound vulnerability in multiple products Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. network low complexity point-to-point-protocol-project canonical CWE-190 critical	9.8
2018-06-13	CVE-2018-0495	Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. local high complexity gnupg canonical debian redhat oracle CWE-203	4.7
2018-06-13	CVE-2018-11806	Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. local low complexity qemu canonical redhat debian CWE-787	7.2
2018-06-13	CVE-2018-12265	Out-of-bounds Read vulnerability in multiple products Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. network exiv2 debian canonical CWE-125	6.8
2018-06-13	CVE-2018-12264	Out-of-bounds Read vulnerability in multiple products Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. network exiv2 debian canonical CWE-125	6.8
2018-06-12	CVE-2018-0732	Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. network low complexity openssl debian canonical nodejs CWE-320	7.5