Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-07	CVE-2018-16845	nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. local low complexity f5 debian canonical opensuse apple	6.1
2018-11-02	CVE-2018-18897	Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in Poppler 0.71.0. network low complexity freedesktop debian canonical redhat CWE-772	6.5
2018-10-31	CVE-2018-18873	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. local low complexity jasper-project canonical debian suse CWE-476	5.5
2018-10-30	CVE-2018-0734	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. network high complexity openssl canonical debian nodejs netapp oracle CWE-327	5.9
2018-10-29	CVE-2018-0735	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. network high complexity openssl canonical debian nodejs netapp oracle CWE-327	5.9
2018-10-29	CVE-2018-18710	Information Exposure vulnerability in multiple products An issue was discovered in the Linux kernel through 4.19. local low complexity linux canonical debian CWE-200	5.5
2018-10-26	CVE-2018-18690	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form. local low complexity linux canonical debian CWE-754	5.5
2018-10-26	CVE-2018-18661	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in LibTIFF 4.0.9. network low complexity libtiff canonical CWE-476	6.5
2018-10-25	CVE-2018-14665	Incorrect Authorization vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.3. low complexity x-org redhat canonical debian CWE-863	6.6
2018-10-23	CVE-2018-18585	NULL Pointer Dereference vulnerability in multiple products chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name). network low complexity kyzer debian redhat canonical suse starwindsoftware CWE-476	4.3