18.10

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-29	CVE-2019-11596	NULL Pointer Dereference vulnerability in multiple products In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. network low complexity memcached canonical CWE-476	7.5
2019-04-24	CVE-2019-3882	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. local low complexity linux fedoraproject debian canonical opensuse netapp CWE-770	5.5
2019-04-24	CVE-2019-9928	Out-of-bounds Write vulnerability in multiple products GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. network gstreamer-project debian canonical CWE-787	6.8
2019-04-24	CVE-2019-11498	Access of Uninitialized Pointer vulnerability in multiple products WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file that lacks valid sample-rate data. network low complexity wavpack canonical fedoraproject debian CWE-824	6.5
2019-04-23	CVE-2019-2698	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network oracle redhat debian opensuse canonical hp	6.8
2019-04-23	CVE-2019-2697	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). network oracle canonical redhat hp	6.8
2019-04-23	CVE-2019-2684	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network high complexity oracle redhat opensuse debian apache canonical hp	5.9
2019-04-23	CVE-2019-2683	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). network low complexity oracle canonical redhat	4.9
2019-04-23	CVE-2019-2632	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). network low complexity oracle canonical	5.0
2019-04-23	CVE-2019-2628	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb opensuse redhat	4.0