High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-10	CVE-2018-3839	Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. network low complexity libsdl debian starwindsoftware CWE-787	8.8
2018-04-09	CVE-2018-1308	XXE vulnerability in multiple products This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. network low complexity apache debian CWE-611	7.5
2018-04-07	CVE-2018-9846	Improper Input Validation vulnerability in multiple products In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence. network low complexity roundcube debian CWE-20	8.8
2018-04-04	CVE-2018-9273	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9270	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9269	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9268	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9267	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9265	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak. network low complexity wireshark debian CWE-772	7.5
2018-04-04	CVE-2018-9264	Out-of-bounds Write vulnerability in multiple products In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow. network low complexity wireshark debian CWE-787	7.5