High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-12	CVE-2014-8129	Out-of-bounds Write vulnerability in multiple products LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. network low complexity libtiff debian redhat apple CWE-787	8.8
2018-03-09	CVE-2018-7998	NULL Pointer Dereference vulnerability in multiple products In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. network high complexity libvips debian CWE-476	7.5
2018-03-07	CVE-2018-1000116	Out-of-bounds Write vulnerability in multiple products NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution. network low complexity net-snmp debian CWE-787	7.5
2018-03-02	CVE-2018-1066	NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery. network linux debian canonical CWE-476	7.1
2018-03-01	CVE-2018-7584	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. network low complexity php canonical debian CWE-119	7.5
2018-03-01	CVE-2018-7550	Out-of-bounds Write vulnerability in multiple products The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. local low complexity qemu debian canonical redhat CWE-787	8.8
2018-02-28	CVE-2018-7554	Use After Free vulnerability in multiple products There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. network low complexity sam2p-project debian CWE-416	7.5
2018-02-28	CVE-2018-7553	Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. network low complexity sam2p-project debian CWE-787	7.5
2018-02-28	CVE-2018-7552	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. network low complexity sam2p-project debian CWE-119	7.5
2018-02-28	CVE-2018-7551	Use After Free vulnerability in multiple products There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4. network low complexity sam2p-project debian CWE-416	7.5