14.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-23	CVE-2018-1124	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. local low complexity procps-ng-project canonical debian redhat schneider-electric opensuse CWE-190	4.6
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	2.1
2018-05-18	CVE-2017-18273	Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. network imagemagick debian canonical CWE-835	7.1
2018-05-18	CVE-2017-18271	Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. network imagemagick canonical debian CWE-835	7.1
2018-05-16	CVE-2018-11214	An issue was discovered in libjpeg 9a. network ijg debian canonical	4.3
2018-05-16	CVE-2018-11213	An issue was discovered in libjpeg 9a. network ijg debian canonical	4.3
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network ijg debian canonical netapp oracle redhat opensuse CWE-369	4.3
2018-05-16	CVE-2018-8014	Insecure Default Initialization of Resource vulnerability in multiple products The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. network low complexity apache canonical debian netapp CWE-1188 critical	9.8
2018-05-15	CVE-2018-1087	kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. local low complexity linux canonical debian redhat	4.6
2018-05-12	CVE-2018-10999	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exiv2 0.26. network exiv2 debian canonical CWE-125	4.3