Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-08	CVE-2018-10805	Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. network low complexity imagemagick canonical CWE-772	6.5
2018-05-08	CVE-2018-10804	Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. network low complexity imagemagick canonical CWE-772	6.5
2018-05-07	CVE-2018-10779	Out-of-bounds Read vulnerability in multiple products TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. network low complexity libtiff canonical CWE-125	6.5
2018-05-06	CVE-2018-10768	NULL Pointer Dereference vulnerability in multiple products There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. network low complexity freedesktop canonical debian redhat CWE-476	6.5
2018-05-06	CVE-2018-0494	Improper Input Validation vulnerability in multiple products GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. network low complexity gnu canonical debian redhat CWE-20	6.5
2018-04-29	CVE-2018-10547	Cross-site Scripting vulnerability in multiple products An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-79	6.1
2018-04-29	CVE-2018-10545	Information Exposure vulnerability in multiple products An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. local high complexity php canonical debian netapp CWE-200	4.7
2018-04-24	CVE-2018-1059	Information Exposure vulnerability in multiple products The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. high complexity canonical redhat dpdk CWE-200	6.1
2018-04-24	CVE-2018-10323	NULL Pointer Dereference vulnerability in multiple products The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image. local low complexity linux canonical debian CWE-476	5.5
2018-04-23	CVE-2018-1106	Improper Authentication vulnerability in multiple products An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. local low complexity packagekit-project redhat canonical debian CWE-287	5.5