High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-20	CVE-2018-1000222	Double Free vulnerability in multiple products Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . network low complexity libgd canonical debian CWE-415	8.8
2018-08-20	CVE-2018-1000632	XML Injection (aka Blind XPath Injection) vulnerability in multiple products dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. network low complexity dom4j-project debian oracle redhat netapp CWE-91	7.5
2018-08-18	CVE-2018-15494	Improper Encoding or Escaping of Output vulnerability in multiple products In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. network low complexity dojotoolkit debian CWE-116	7.5
2018-08-14	CVE-2018-14348	Information Exposure vulnerability in multiple products libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. network low complexity libcgroup-project debian fedoraproject CWE-200	8.1
2018-08-09	CVE-2018-10925	Incorrect Authorization vulnerability in multiple products It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... network low complexity canonical debian postgresql CWE-863	8.1
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp hpe f5 a10networks cisco CWE-400	7.5
2018-08-02	CVE-2018-1336	Infinite Loop vulnerability in multiple products An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. network low complexity apache redhat debian canonical CWE-835	7.5
2018-08-01	CVE-2015-9262	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. network low complexity debian canonical x redhat CWE-119	7.5
2018-08-01	CVE-2018-8034	Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. network low complexity apache debian canonical oracle CWE-295	7.5
2018-08-01	CVE-2016-8654	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. local low complexity jasper-project redhat debian CWE-119	7.8