Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-29	CVE-2018-10549	Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network php canonical debian netapp CWE-125	6.8
2018-04-29	CVE-2018-10548	NULL Pointer Dereference vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-476	5.0
2018-04-29	CVE-2018-10547	Cross-site Scripting vulnerability in PHP An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network php canonical debian netapp CWE-79	4.3
2018-04-29	CVE-2018-10546	Infinite Loop vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-835	5.0
2018-04-29	CVE-2018-10540	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for W64 input. local low complexity wavpack debian CWE-787	5.5
2018-04-29	CVE-2018-10539	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. local low complexity wavpack debian CWE-787	5.5
2018-04-29	CVE-2018-10538	Out-of-bounds Write vulnerability in multiple products An issue was discovered in WavPack 5.1.0 and earlier for WAV input. local low complexity wavpack debian CWE-787	5.5
2018-04-27	CVE-2018-10471	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754. local low complexity xen debian CWE-787	4.9
2018-04-26	CVE-2018-10393	Out-of-bounds Read vulnerability in multiple products bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. network low complexity xiph-org debian redhat CWE-125	5.0
2018-04-26	CVE-2018-10392	Out-of-bounds Write vulnerability in multiple products mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. network xiph-org debian redhat CWE-787	6.8