High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-08	CVE-2018-1000178	Out-of-bounds Write vulnerability in multiple products A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely. network low complexity quassel-irc debian CWE-787	7.5
2018-05-08	CVE-2018-10380	Link Following vulnerability in multiple products kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. local low complexity kde debian opensuse CWE-59	7.2
2018-05-01	CVE-2017-18264	An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. network low complexity phpmyadmin debian	7.5
2018-05-01	CVE-2018-10583	Information Exposure vulnerability in multiple products An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. network low complexity libreoffice apache debian redhat canonical CWE-200	7.5
2018-04-29	CVE-2018-10537	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. local low complexity wavpack debian CWE-119	7.8
2018-04-29	CVE-2018-10536	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier. local low complexity wavpack debian CWE-787	7.8
2018-04-26	CVE-2016-9602	Link Following vulnerability in multiple products Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. network low complexity qemu debian CWE-59	8.8
2018-04-24	CVE-2018-3836	OS Command Injection vulnerability in multiple products An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. local low complexity leptonica debian CWE-78	7.8
2018-04-24	CVE-2017-2885	Out-of-bounds Write vulnerability in multiple products An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. network low complexity gnome debian redhat CWE-787	7.5
2018-04-24	CVE-2017-14448	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. network low complexity libsdl debian CWE-787	8.8