High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-07	CVE-2018-16844	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. network low complexity f5 debian canonical apple CWE-400	7.8
2018-11-07	CVE-2018-16843	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. network low complexity f5 debian canonical opensuse apple CWE-400	7.8
2018-11-06	CVE-2018-16472	Improper Input Validation vulnerability in multiple products A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack. network low complexity cached-path-relative-project debian CWE-20	7.5
2018-11-06	CVE-2018-9516	Out-of-bounds Write vulnerability in multiple products In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. local low complexity google debian canonical CWE-787	7.2
2018-11-06	CVE-2018-9422	Use After Free vulnerability in multiple products In get_futex_key of futex.c, there is a use-after-free due to improper locking. local low complexity google debian CWE-416	7.2
2018-11-06	CVE-2018-9363	Integer Overflow or Wraparound vulnerability in multiple products In the hidp_process_report in bluetooth, there is an integer overflow. local low complexity google canonical debian linux CWE-190	8.4
2018-10-31	CVE-2018-14651	Link Following vulnerability in multiple products It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. network low complexity debian redhat gluster CWE-59	8.8
2018-10-31	CVE-2016-6328	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in libexif. network low complexity libexif-project debian canonical CWE-190	8.1
2018-10-31	CVE-2018-11759	Path Traversal vulnerability in multiple products The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. network low complexity apache debian redhat CWE-22	7.5
2018-10-31	CVE-2018-14653	Heap-based Buffer Overflow vulnerability in multiple products The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. network low complexity redhat debian CWE-122	8.8