Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-18	CVE-2018-12361	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur in the SwizzleData code while calculating buffer sizes. network low complexity mozilla debian canonical CWE-190	8.8
2018-10-18	CVE-2018-12360	Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. network low complexity redhat debian canonical mozilla CWE-416	8.8
2018-10-18	CVE-2018-12359	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. network low complexity redhat debian canonical mozilla CWE-119	8.8
2018-10-18	CVE-2018-12358	Information Exposure vulnerability in multiple products Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. network low complexity mozilla canonical CWE-200	4.3
2018-10-17	CVE-2018-18386	Incorrect Type Conversion or Cast vulnerability in multiple products drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. local low complexity linux canonical CWE-704	3.3
2018-10-17	CVE-2018-18445	Out-of-bounds Read vulnerability in multiple products In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. local low complexity linux canonical redhat CWE-125	7.8
2018-10-17	CVE-2018-10933	Improper Authentication vulnerability in multiple products A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. network low complexity libssh canonical debian redhat netapp oracle CWE-287 critical	9.1
2018-10-17	CVE-2018-18409	Out-of-bounds Read vulnerability in multiple products A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call. local low complexity digitalcorpora fedoraproject canonical CWE-125	5.5
2018-10-17	CVE-2018-3284	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network high complexity oracle canonical netapp mariadb	4.4
2018-10-17	CVE-2018-3283	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). network high complexity oracle netapp canonical	4.4