High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-25	CVE-2018-11040	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. network low complexity vmware oracle debian CWE-829	7.5
2018-06-21	CVE-2018-12617	Integer Overflow or Wraparound vulnerability in multiple products qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. network low complexity qemu canonical debian CWE-190	7.5
2018-06-21	CVE-2017-2669	Improper Input Validation vulnerability in multiple products Dovecot before version 2.2.29 is vulnerable to a denial of service. network low complexity dovecot debian CWE-20	7.5
2018-06-20	CVE-2018-12600	Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. network low complexity debian canonical imagemagick CWE-787	8.8
2018-06-20	CVE-2018-12599	Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. network low complexity debian canonical imagemagick CWE-787	8.8
2018-06-20	CVE-2018-10841	glusterfs is vulnerable to privilege escalation on gluster server nodes. network low complexity gluster debian	8.8
2018-06-19	CVE-2018-10811	Missing Initialization of Resource vulnerability in multiple products strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. network low complexity strongswan debian canonical fedoraproject CWE-909	7.5
2018-06-19	CVE-2018-1061	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. network low complexity python debian redhat canonical fedoraproject	7.5
2018-06-19	CVE-2018-12565	Improper Input Validation vulnerability in multiple products An issue was discovered in Linaro LAVA before 2018.5.post1. network low complexity linaro debian CWE-20	8.8
2018-06-18	CVE-2018-1060	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. network low complexity python fedoraproject canonical redhat debian	7.5