High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-10887	Incorrect Conversion between Numeric Types vulnerability in multiple products A flaw was found in libgit2 before version 0.27.3. network low complexity libgit2 debian CWE-681	8.1
2018-07-06	CVE-2018-13406	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. local low complexity linux canonical debian CWE-190	7.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-07-01	CVE-2018-13043	Code Injection vulnerability in multiple products scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. network low complexity debian canonical CWE-94	7.5
2018-06-29	CVE-2018-13006	Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. network low complexity debian gpac canonical CWE-125	7.5
2018-06-29	CVE-2018-13005	Out-of-bounds Read vulnerability in multiple products An issue was discovered in MP4Box in GPAC 0.7.1. network low complexity debian gpac canonical CWE-125	7.5
2018-06-26	CVE-2018-1000550	Path Traversal vulnerability in multiple products The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. network low complexity sympa debian CWE-22	7.5
2018-06-26	CVE-2018-1000544	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. network low complexity rubyzip-project debian redhat CWE-434	7.5
2018-06-26	CVE-2018-1000517	Classic Buffer Overflow vulnerability in multiple products BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. network low complexity busybox debian canonical CWE-120	7.5
2018-06-26	CVE-2017-7656	In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. network low complexity eclipse debian	7.5