Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2015-9261	NULL Pointer Dereference vulnerability in multiple products huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. local low complexity busybox debian canonical CWE-476	5.5
2018-07-26	CVE-2018-10881	A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian canonical linux redhat	5.5
2018-07-26	CVE-2018-10876	A flaw was found in Linux kernel in the ext4 filesystem code. local low complexity linux canonical debian	5.5
2018-07-26	CVE-2018-0618	Cross-site Scripting vulnerability in multiple products Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity gnu debian CWE-79	5.4
2018-07-26	CVE-2017-7526	Cryptographic Issues vulnerability in multiple products libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. network high complexity gnupg canonical debian CWE-310	6.8
2018-07-25	CVE-2018-13988	Out-of-bounds Read vulnerability in multiple products Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. network low complexity freedesktop canonical debian redhat CWE-125	6.5
2018-07-25	CVE-2018-1002200	Path Traversal vulnerability in multiple products plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. local low complexity codehaus-plexus redhat debian CWE-22	5.5
2018-07-25	CVE-2018-10880	Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). local low complexity debian linux redhat canonical	5.5
2018-07-19	CVE-2018-14395	Divide By Zero vulnerability in multiple products libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format. network low complexity debian ffmpeg CWE-369	6.5
2018-07-18	CVE-2018-10877	Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. local low complexity canonical linux debian redhat	6.5