Vulnerabilities > Canonical > Ubuntu Linux > 18.04

DATE | CVE | VULNERABILITY TITLE | RISK

2018-07-03 | CVE-2018-10855 | Information Exposure Through Log Files vulnerability in multiple products | 4.3
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks.

2018-07-02 | CVE-2018-12896 | Integer Overflow or Wraparound vulnerability in Linux Kernel | 2.1
An issue was discovered in the Linux kernel through 4.17.3.
local; low complexity; linux debian canonical CWE-190

2018-07-02 | CVE-2018-0499 | Cross-site Scripting vulnerability in multiple products | 4.3
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().

2018-07-01 | CVE-2018-13043 | Code Injection vulnerability in multiple products | 7.5
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
network; low complexity; debian canonical CWE-94

2018-06-29 | CVE-2018-10860 | Path Traversal vulnerability in multiple products | 6.4
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip.

2018-06-29 | CVE-2018-13006 | Out-of-bounds Read vulnerability in multiple products | 7.5
An issue was discovered in MP4Box in GPAC 0.7.1.
network; low complexity; debian gpac canonical CWE-125

2018-06-29 | CVE-2018-13005 | Out-of-bounds Read vulnerability in multiple products | 7.5
An issue was discovered in MP4Box in GPAC 0.7.1.
network; low complexity; debian gpac canonical CWE-125

2018-06-27 | CVE-2018-12904 | Unspecified vulnerability in Linux Kernel | 4.4
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.

2018-06-26 | CVE-2018-12900 | Out-of-bounds Write vulnerability in multiple products | 6.8
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.

2018-06-26 | CVE-2018-1000517 | Classic Buffer Overflow vulnerability in multiple products | 7.5
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow.
network; low complexity; busybox debian canonical CWE-120