Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-02	CVE-2018-1336	Infinite Loop vulnerability in multiple products An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. network low complexity apache redhat debian canonical CWE-835	7.5
2018-08-01	CVE-2015-9262	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. network low complexity debian canonical x redhat CWE-119 critical	9.8
2018-08-01	CVE-2018-8034	Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. network low complexity apache debian canonical oracle CWE-295	7.5
2018-08-01	CVE-2018-10916	Improper Input Validation vulnerability in multiple products It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. network low complexity lftp-project canonical opensuse CWE-20	6.5
2018-07-30	CVE-2018-10903	Improper Input Validation vulnerability in multiple products A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. network low complexity cryptography canonical redhat CWE-20	7.5
2018-07-30	CVE-2018-10883	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian linux canonical redhat	5.5
2018-07-30	CVE-2017-7518	Improper Handling of Exceptional Conditions vulnerability in multiple products A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. local low complexity redhat debian canonical linux CWE-755	7.8
2018-07-30	CVE-2016-9597	It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. network low complexity canonical xmlsoft debian hp opensuse	7.5
2018-07-29	CVE-2018-14734	Use After Free vulnerability in multiple products drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). local low complexity linux canonical debian CWE-416	7.8
2018-07-28	CVE-2018-14682	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-193	8.8