High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-27	CVE-2018-15908	In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. local low complexity artifex debian canonical redhat	7.8
2018-08-27	CVE-2018-10938	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. network linux canonical debian CWE-835	7.1
2018-08-24	CVE-2018-14600	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libX11 through 1.6.5. network low complexity x-org canonical debian CWE-787	7.5
2018-08-24	CVE-2018-14598	Improper Input Validation vulnerability in multiple products An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. network low complexity x-org debian canonical fedoraproject CWE-20	7.5
2018-08-23	CVE-2018-15822	Reachable Assertion vulnerability in multiple products The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. network low complexity ffmpeg debian canonical CWE-617	7.5
2018-08-21	CVE-2018-10902	Use After Free vulnerability in multiple products It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. local low complexity debian canonical linux redhat CWE-416	7.8
2018-08-20	CVE-2018-1000222	Double Free vulnerability in multiple products Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . network low complexity libgd canonical debian CWE-415	8.8
2018-08-20	CVE-2018-1000632	XML Injection (aka Blind XPath Injection) vulnerability in multiple products dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. network low complexity dom4j-project debian oracle redhat netapp CWE-91	7.5
2018-08-18	CVE-2018-15494	Improper Encoding or Escaping of Output vulnerability in multiple products In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. network low complexity dojotoolkit debian CWE-116	7.5
2018-08-14	CVE-2018-14348	Information Exposure vulnerability in multiple products libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. network low complexity libcgroup-project debian fedoraproject CWE-200	8.1