18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-12	CVE-2018-7858	Out-of-bounds Read vulnerability in multiple products Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. local low complexity qemu opensuse redhat canonical CWE-125	5.5
2018-03-08	CVE-2018-7183	Out-of-bounds Write vulnerability in multiple products Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. network low complexity ntp freebsd canonical netapp CWE-787 critical	9.8
2018-03-08	CVE-2018-7755	Information Exposure vulnerability in multiple products An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. local low complexity linux canonical CWE-200	5.5
2018-03-07	CVE-2018-7752	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. local low complexity gpac debian canonical CWE-119	7.8
2018-03-06	CVE-2018-7185	The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. network low complexity ntp synology canonical netapp hpe oracle	7.5
2018-03-06	CVE-2018-7184	ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. network low complexity ntp synology slackware canonical netapp	7.5
2018-03-06	CVE-2018-7182	Out-of-bounds Read vulnerability in multiple products The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. network low complexity ntp canonical netapp CWE-125	7.5
2018-03-06	CVE-2018-7726	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. network low complexity zziplib-project canonical redhat CWE-119	6.5
2018-03-06	CVE-2018-7725	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in ZZIPlib 0.13.68. network low complexity zziplib-project canonical redhat CWE-119	6.5
2018-03-06	CVE-2018-1000100	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. local low complexity gpac-project canonical CWE-119	7.8