18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-24	CVE-2018-14600	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. network low complexity x-org canonical debian CWE-787	7.5
2018-08-24	CVE-2018-14599	Off-by-one Error vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. network low complexity x-org debian canonical fedoraproject redhat CWE-193 critical	9.8
2018-08-24	CVE-2018-14598	Improper Input Validation vulnerability in multiple products An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. network low complexity x-org debian canonical fedoraproject CWE-20	7.5
2018-08-23	CVE-2018-15822	Reachable Assertion vulnerability in multiple products The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. network low complexity ffmpeg debian canonical CWE-617	7.5
2018-08-22	CVE-2018-10919	Information Exposure vulnerability in multiple products The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. network low complexity canonical debian samba CWE-200	4.0
2018-08-22	CVE-2018-10918	NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. network low complexity canonical samba CWE-476	4.0
2018-08-22	CVE-2018-10858	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. network low complexity debian canonical samba redhat CWE-119	6.5
2018-08-22	CVE-2018-1139	Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. network samba redhat canonical CWE-522	4.3
2018-08-22	CVE-2018-10846	Covert Timing Channel vulnerability in multiple products A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. local high complexity gnu redhat canonical fedoraproject debian CWE-385	5.6
2018-08-22	CVE-2018-10845	Covert Timing Channel vulnerability in multiple products It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. network high complexity gnu redhat canonical fedoraproject debian CWE-385	5.9