Vulnerabilities > Debian > Debian Linux > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDORS | CWE | RISK |
| --- | --- | --- | --- | --- | --- | --- |
| 2018-06-13 | CVE-2018-11385 | Session Fixation vulnerability in multiple products | An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. | sensiolabs, debian, fedoraproject | CWE-384 | 8.1 (network, high complexity) |
| 2018-06-13 | CVE-2018-12265 | Integer Overflow or Wraparound vulnerability in multiple products | Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp. | exiv2, debian, canonical | CWE-190 | 8.8 (network, low complexity) |
| 2018-06-13 | CVE-2018-12264 | Integer Overflow or Wraparound vulnerability in multiple products | Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp. | exiv2, debian, canonical | CWE-190 | 8.8 (network, low complexity) |
| 2018-06-12 | CVE-2018-5848 | Integer Overflow or Wraparound vulnerability in multiple products | In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. | google, redhat, debian | CWE-190 | 7.8 (local, low complexity) |
| 2018-06-12 | CVE-2018-0496 | Path Traversal vulnerability in multiple products | Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. | dinknetwork, debian | CWE-22 | 7.5 (network, low complexity) |
| 2018-06-12 | CVE-2018-5814 | Race Condition vulnerability in multiple products | In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. | linux, debian, canonical | CWE-362 | 7.0 (local, high complexity) |
| 2018-06-12 | CVE-2018-12249 | NULL Pointer Dereference vulnerability in multiple products | An issue was discovered in mruby 1.4.1. | mruby, debian | CWE-476 | 7.5 (network, low complexity) |
| 2018-06-12 | CVE-2018-0732 | Key Management Errors vulnerability in multiple products | During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. | openssl, debian, canonical, nodejs | CWE-320 | 7.5 (network, low complexity) |
| 2018-06-11 | CVE-2018-5184 | Inadequate Encryption Strength vulnerability in multiple products | Using remote content in encrypted messages can lead to the disclosure of plaintext. | debian, mozilla, canonical, redhat | CWE-326 | 7.5 (network, low complexity) |
| 2018-06-11 | CVE-2018-5178 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. | debian, mozilla, canonical, redhat | CWE-119 | 8.1 (network, high complexity) |