High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-25	CVE-2018-6031	Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. network low complexity google redhat debian CWE-416	8.8
2018-09-25	CVE-2018-14647	Missing Initialization of Resource vulnerability in multiple products Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. network low complexity python canonical debian fedoraproject opensuse redhat CWE-909	7.5
2018-09-25	CVE-2018-14633	Stack-based Buffer Overflow vulnerability in multiple products A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. network high complexity linux debian canonical redhat CWE-121	7.0
2018-09-19	CVE-2018-17183	Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. local low complexity debian canonical artifex redhat	7.8
2018-09-19	CVE-2018-17182	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. local low complexity linux canonical debian netapp CWE-416	7.8
2018-09-18	CVE-2018-16515	Improper Verification of Cryptographic Signature vulnerability in multiple products Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation. network low complexity matrix debian CWE-347	8.8
2018-09-17	CVE-2018-11781	Code Injection vulnerability in multiple products Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. local low complexity apache redhat debian canonical CWE-94	7.8
2018-09-13	CVE-2018-16741	OS Command Injection vulnerability in multiple products An issue was discovered in mgetty before 1.2.1. local low complexity mgetty-project debian CWE-78	7.2
2018-09-12	CVE-2018-16981	Out-of-bounds Write vulnerability in multiple products stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. network low complexity nothings debian CWE-787	8.8
2018-09-12	CVE-2018-16947	Improper Authentication vulnerability in multiple products An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. network low complexity openafs debian CWE-287	7.5