Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-08	CVE-2018-7867	Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. network low complexity libming debian CWE-787	6.5
2018-03-08	CVE-2018-7866	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. network low complexity libming debian CWE-476	6.5
2018-03-07	CVE-2018-7740	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call. local low complexity linux redhat debian canonical CWE-119	5.5
2018-03-06	CVE-2018-5729	NULL Pointer Dereference vulnerability in multiple products MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. network low complexity mit fedoraproject debian redhat CWE-476	4.7
2018-03-06	CVE-2018-7730	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. local low complexity exempi-project debian canonical CWE-125	5.5
2018-03-06	CVE-2018-7728	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Exempi through 2.4.4. local low complexity exempi-project canonical debian CWE-125	5.5
2018-03-05	CVE-2017-18219	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in GraphicsMagick 1.3.26. network low complexity graphicsmagick debian CWE-770	6.5
2018-03-02	CVE-2017-15130	A denial of service flaw was found in dovecot before 2.2.34. network high complexity dovecot debian canonical	5.9
2018-03-02	CVE-2018-1066	NULL Pointer Dereference vulnerability in multiple products The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. network low complexity linux debian canonical CWE-476	6.5
2018-03-01	CVE-2017-6932	Open Redirect vulnerability in multiple products Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. network high complexity drupal debian CWE-601	4.7