High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-28	CVE-2018-14681	Out-of-bounds Write vulnerability in multiple products An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-787	8.8
2018-07-28	CVE-2018-14678	Improper Initialization vulnerability in multiple products An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. local low complexity linux xen debian canonical CWE-665	7.8
2018-07-27	CVE-2016-9578	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-20	7.5
2018-07-27	CVE-2016-9577	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-119	8.8
2018-07-27	CVE-2018-1056	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. local low complexity advancemame canonical debian CWE-125	7.8
2018-07-27	CVE-2017-2624	Information Exposure vulnerability in multiple products It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. local high complexity x-org debian CWE-200	7.0
2018-07-27	CVE-2017-15119	Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. network low complexity qemu canonical debian redhat CWE-400	8.6
2018-07-27	CVE-2017-2670	Infinite Loop vulnerability in multiple products It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. network low complexity redhat debian CWE-835	7.5
2018-07-27	CVE-2017-15120	NULL Pointer Dereference vulnerability in multiple products An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. network low complexity powerdns debian CWE-476	7.5
2018-07-27	CVE-2017-12151	Cryptographic Issues vulnerability in multiple products A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. network high complexity samba redhat debian hp CWE-310	7.4