High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-20	CVE-2017-2825	In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. network high complexity zabbix debian	7.0
2018-04-20	CVE-2014-10073	Path Traversal vulnerability in multiple products The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory. network low complexity wpitchoune debian CWE-22	7.5
2018-04-19	CVE-2018-2814	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network high complexity oracle redhat debian canonical schneider-electric hp	8.3
2018-04-19	CVE-2018-2794	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). local high complexity oracle redhat debian canonical hp schneider-electric	7.7
2018-04-19	CVE-2018-2755	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian canonical mariadb netapp redhat	7.7
2018-04-18	CVE-2018-10194	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. local low complexity artifex canonical debian redhat CWE-119	7.8
2018-04-18	CVE-2018-1000164	CRLF Injection vulnerability in multiple products gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. network low complexity gunicorn debian CWE-93	7.5
2018-04-18	CVE-2018-1088	A privilege escalation flaw was found in gluster 3.x snapshot scheduler. network high complexity redhat opensuse debian	8.1
2018-04-17	CVE-2018-6798	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Perl 5.22 through 5.26. network low complexity debian perl canonical redhat CWE-125	7.5
2018-04-16	CVE-2018-10120	Improper Validation of Array Index vulnerability in multiple products The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. local low complexity debian libreoffice redhat canonical CWE-129	7.8