High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-15	CVE-2018-17961	Information Exposure Through an Error Message vulnerability in multiple products Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. local low complexity artifex debian canonical redhat CWE-209	8.6
2018-10-09	CVE-2018-17963	Integer Overflow or Wraparound vulnerability in multiple products qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. network low complexity qemu debian canonical redhat CWE-190	7.5
2018-10-08	CVE-2018-1000807	Use After Free vulnerability in multiple products Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. network high complexity pyopenssl canonical redhat CWE-416	8.1
2018-10-06	CVE-2018-17456	Argument Injection or Modification vulnerability in multiple products Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. network low complexity git-scm redhat canonical debian CWE-88	7.5
2018-10-03	CVE-2018-17540	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. network low complexity strongswan debian canonical CWE-119	7.5
2018-09-26	CVE-2018-16152	Improper Verification of Cryptographic Signature vulnerability in multiple products In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. network low complexity strongswan debian canonical CWE-347	7.5
2018-09-26	CVE-2018-16151	Improper Verification of Cryptographic Signature vulnerability in multiple products In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. network low complexity strongswan debian canonical CWE-347	7.5
2018-09-25	CVE-2018-14634	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. local low complexity linux redhat canonical netapp CWE-190	7.8
2018-09-25	CVE-2018-14647	Missing Initialization of Resource vulnerability in multiple products Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. network low complexity python canonical debian fedoraproject opensuse redhat CWE-909	7.5
2018-09-25	CVE-2018-14633	Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat CWE-121	7.0