Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-16	CVE-2018-14567	Infinite Loop vulnerability in multiple products libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. network low complexity xmlsoft debian canonical CWE-835	6.5
2018-08-08	CVE-2018-14526	Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in multiple products An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. low complexity canonical debian w1-fi CWE-924	6.5
2018-08-06	CVE-2018-7073	Exposure of Resource to Wrong Sphere vulnerability in multiple products A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. local low complexity hp canonical CWE-668	5.5
2018-08-03	CVE-2018-14574	Open Redirect vulnerability in multiple products django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. network low complexity djangoproject debian canonical CWE-601	6.1
2018-08-02	CVE-2018-14851	Out-of-bounds Read vulnerability in multiple products exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file. local low complexity php canonical debian netapp CWE-125	5.5
2018-08-01	CVE-2018-10916	Improper Input Validation vulnerability in multiple products It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. network low complexity lftp-project canonical opensuse CWE-20	6.5
2018-07-30	CVE-2018-10883	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian linux canonical redhat	5.5
2018-07-28	CVE-2018-14680	Improper Input Validation vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-20	6.5
2018-07-28	CVE-2018-14679	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-193	6.5
2018-07-27	CVE-2018-10882	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity linux debian canonical redhat	5.5