Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-03	CVE-2018-14773	An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. network low complexity sensiolabs debian drupal	6.5
2018-08-03	CVE-2018-14574	Open Redirect vulnerability in multiple products django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. network low complexity djangoproject debian canonical CWE-601	6.1
2018-08-02	CVE-2018-14851	Out-of-bounds Read vulnerability in multiple products exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file. local low complexity php canonical debian netapp CWE-125	5.5
2018-08-02	CVE-2018-8037	Race Condition vulnerability in multiple products If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. network high complexity apache debian CWE-362	5.9
2018-08-02	CVE-2018-8032	Cross-site Scripting vulnerability in multiple products Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. network low complexity apache oracle debian CWE-79	6.1
2018-08-01	CVE-2016-9572	A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. network low complexity uclouvain debian	6.5
2018-07-31	CVE-2018-14432	Information Exposure vulnerability in multiple products In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing projects. network high complexity debian redhat openstack CWE-200	5.3
2018-07-30	CVE-2018-10883	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian linux canonical redhat	5.5
2018-07-28	CVE-2018-14680	Improper Input Validation vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-20	6.5
2018-07-28	CVE-2018-14679	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-193	6.5