Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-02	CVE-2018-8037	Race Condition vulnerability in multiple products If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. network high complexity apache debian CWE-362	5.9
2018-08-02	CVE-2018-8032	Cross-site Scripting vulnerability in multiple products Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. network low complexity apache oracle debian CWE-79	6.1
2018-08-01	CVE-2016-9572	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. network low complexity uclouvain debian CWE-476	6.5
2018-07-30	CVE-2018-10883	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel's ext4 filesystem. local low complexity debian linux canonical redhat CWE-787	5.5
2018-07-29	CVE-2018-14734	Use After Free vulnerability in Linux Kernel drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). local low complexity linux canonical debian CWE-416	6.1
2018-07-28	CVE-2018-14682	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network cabextract cabextract-project debian canonical redhat CWE-193	6.8
2018-07-28	CVE-2018-14681	Out-of-bounds Write vulnerability in multiple products An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. network cabextract cabextract-project debian canonical redhat CWE-787	6.8
2018-07-28	CVE-2018-14680	Improper Input Validation vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network cabextract cabextract-project debian canonical redhat CWE-20	4.3
2018-07-28	CVE-2018-14679	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network cabextract cabextract-project canonical debian redhat CWE-193	4.3
2018-07-28	CVE-2018-0497	ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. network arm debian	4.3