High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-12	CVE-2018-18225	Incorrect Calculation vulnerability in multiple products In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. network low complexity wireshark debian opensuse CWE-682	7.5
2018-10-09	CVE-2018-17963	Integer Overflow or Wraparound vulnerability in multiple products qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. network low complexity qemu debian canonical redhat CWE-190	7.5
2018-10-06	CVE-2018-17456	Argument Injection or Modification vulnerability in multiple products Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character. network low complexity git-scm redhat canonical debian CWE-88	7.5
2018-10-03	CVE-2018-17540	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. network low complexity strongswan debian canonical CWE-119	7.5
2018-09-28	CVE-2018-14648	Resource Exhaustion vulnerability in multiple products A flaw was found in 389 Directory Server. network low complexity fedoraproject debian redhat CWE-400	7.8
2018-09-26	CVE-2018-16152	Improper Verification of Cryptographic Signature vulnerability in multiple products In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. network low complexity strongswan debian canonical CWE-347	7.5
2018-09-26	CVE-2018-16151	Improper Verification of Cryptographic Signature vulnerability in multiple products In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. network low complexity strongswan debian canonical CWE-347	7.5
2018-09-25	CVE-2018-6054	Use After Free vulnerability in multiple products Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google redhat debian CWE-416	8.8
2018-09-25	CVE-2018-6043	Improper Input Validation vulnerability in multiple products Insufficient data validation in External Protocol Handler in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially execute arbitrary programs on user machine via a crafted HTML page. network low complexity google debian redhat CWE-20	8.8
2018-09-25	CVE-2018-6035	Information Exposure vulnerability in multiple products Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. network low complexity google debian redhat CWE-200	8.8