17.10

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-24	CVE-2018-11410	Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. network low complexity liblouis canonical CWE-416 critical	9.8
2018-05-23	CVE-2018-1125	Out-of-bounds Write vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. network low complexity procps-ng-project canonical debian opensuse CWE-787	7.5
2018-05-23	CVE-2018-1123	procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. network low complexity procps-ng-project canonical debian	7.5
2018-05-23	CVE-2018-1122	procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. local high complexity procps-ng-project canonical debian	7.0
2018-05-23	CVE-2018-1126	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. network low complexity procps-ng-project canonical debian redhat schneider-electric CWE-190 critical	9.8
2018-05-23	CVE-2018-1124	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. local low complexity procps-ng-project canonical debian redhat schneider-electric opensuse CWE-190	7.8
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	5.5
2018-05-18	CVE-2017-18273	Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call. network low complexity imagemagick debian canonical CWE-835	6.5
2018-05-18	CVE-2017-18271	Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file. network low complexity imagemagick canonical debian CWE-835	6.5
2018-05-16	CVE-2018-11214	An issue was discovered in libjpeg 9a. network low complexity ijg debian canonical	6.5