High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-31	CVE-2018-11759	Path Traversal vulnerability in multiple products The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. network low complexity apache debian redhat CWE-22	7.5
2018-10-31	CVE-2018-14653	The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. network low complexity redhat debian	8.8
2018-10-30	CVE-2018-18281	Incomplete Cleanup vulnerability in multiple products Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. local low complexity linux canonical debian CWE-459	7.8
2018-10-29	CVE-2018-18718	Double Free vulnerability in multiple products An issue was discovered in gThumb through 3.6.2. local low complexity gnome debian CWE-415	7.8
2018-10-26	CVE-2018-15688	Classic Buffer Overflow vulnerability in multiple products A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. low complexity systemd-project debian canonical redhat CWE-120	8.8
2018-10-26	CVE-2018-15686	Deserialization of Untrusted Data vulnerability in multiple products A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. local low complexity debian canonical systemd-project oracle CWE-502	7.8
2018-10-24	CVE-2016-10729	Command Injection vulnerability in multiple products An issue was discovered in Amanda 3.3.1. local low complexity zmanda redhat debian CWE-77	7.8
2018-10-23	CVE-2018-16837	Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. local low complexity redhat debian suse CWE-311	7.8
2018-10-22	CVE-2018-18557	Out-of-bounds Write vulnerability in multiple products LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. network low complexity libtiff debian canonical CWE-787	8.8
2018-10-20	CVE-2018-18541	Improper Input Validation vulnerability in multiple products In Teeworlds before 0.6.5, connection packets could be forged. network low complexity teeworlds debian CWE-20	7.5