Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2018-10876	Use After Free vulnerability in multiple products A flaw was found in Linux kernel in the ext4 filesystem code. local low complexity linux canonical debian CWE-416	5.5
2018-07-26	CVE-2017-12150	It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. network samba redhat debian	5.8
2018-07-26	CVE-2017-7526	Cryptographic Issues vulnerability in multiple products libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. network high complexity gnupg canonical debian CWE-310	6.8
2018-07-25	CVE-2018-13988	Out-of-bounds Read vulnerability in multiple products Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. network freedesktop canonical debian redhat CWE-125	4.3
2018-07-25	CVE-2018-1002200	Path Traversal vulnerability in multiple products plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. local low complexity codehaus-plexus redhat debian CWE-22	5.5
2018-07-25	CVE-2018-10880	Out-of-bounds Write vulnerability in multiple products Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). local low complexity debian linux redhat canonical CWE-787	5.5
2018-07-20	CVE-2018-14447	Out-of-bounds Read vulnerability in multiple products trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. network libconfuse-project debian CWE-125	6.8
2018-07-19	CVE-2018-14423	Divide By Zero vulnerability in multiple products Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). network low complexity uclouvain debian CWE-369	5.0
2018-07-19	CVE-2018-14404	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. network low complexity canonical debian xmlsoft CWE-476	5.0
2018-07-19	CVE-2018-14395	Divide By Zero vulnerability in multiple products libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format. network debian ffmpeg CWE-369	4.3