High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-21	CVE-2018-10902	Use After Free vulnerability in multiple products It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. local low complexity debian canonical linux redhat CWE-416	7.8
2018-08-21	CVE-2018-6557	Link Following vulnerability in multiple products The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. local high complexity canonical base-files-project CWE-59	7.0
2018-08-20	CVE-2018-1000222	Double Free vulnerability in multiple products Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . network low complexity libgd canonical debian CWE-415	8.8
2018-08-17	CVE-2018-15471	Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. local low complexity xen linux canonical CWE-125	7.8
2018-08-09	CVE-2018-10925	Incorrect Authorization vulnerability in multiple products It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... network low complexity canonical debian postgresql CWE-863	8.1
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp hpe f5 a10networks cisco CWE-400	7.5
2018-08-02	CVE-2018-1336	Infinite Loop vulnerability in multiple products An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. network low complexity apache redhat debian canonical CWE-835	7.5
2018-08-01	CVE-2015-9262	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. network low complexity debian canonical x redhat CWE-119	7.5
2018-08-01	CVE-2018-8034	Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. network low complexity apache debian canonical oracle CWE-295	7.5
2018-08-01	CVE-2018-10916	Improper Input Validation vulnerability in multiple products It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. network lftp-project canonical opensuse CWE-20	7.8