Debian Linux vulnerabilities (Medium)

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2018-08-02 | CVE-2018-8032 | Cross-site Scripting vulnerability in multiple products | Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. | network | low | apache, oracle, debian | CWE-79 | 6.1 |
| 2018-08-01 | CVE-2016-9572 | | A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. | network | low | uclouvain, debian | | 6.5 |
| 2018-07-31 | CVE-2018-14432 | Information Exposure vulnerability in multiple products | In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. | network | high | debian, redhat, openstack | CWE-200 | 5.3 |
| 2018-07-30 | CVE-2018-10883 | | A flaw was found in the Linux kernel's ext4 filesystem. | local | low | debian, linux, canonical, redhat | | 5.5 |
| 2018-07-28 | CVE-2018-14680 | Improper Input Validation vulnerability in multiple products | An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. | | | | | 6.5 |
| 2018-07-28 | CVE-2018-14679 | Off-by-one Error vulnerability in multiple products | An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. | | | | | 6.5 |
| 2018-07-28 | CVE-2018-0498 | | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. | local | high | arm, debian | | 4.7 |
| 2018-07-28 | CVE-2018-0497 | | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. | network | high | arm, debian | | 5.9 |
| 2018-07-27 | CVE-2017-2618 | | A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. | local | low | linux, redhat, debian | | 5.5 |
| 2018-07-27 | CVE-2017-2616 | Race Condition vulnerability in multiple products | A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. | local | high | util-linux-project, redhat, debian | CWE-362 | 4.7 |