High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-29	CVE-2018-14734	Use After Free vulnerability in multiple products drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). local low complexity linux canonical debian CWE-416	7.8
2018-07-28	CVE-2018-14682	Off-by-one Error vulnerability in multiple products An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-193	8.8
2018-07-28	CVE-2018-14681	Out-of-bounds Write vulnerability in multiple products An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. network low complexity cabextract cabextract-project debian canonical redhat CWE-787	8.8
2018-07-28	CVE-2018-14678	Improper Initialization vulnerability in multiple products An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. local low complexity linux xen debian canonical CWE-665	7.8
2018-07-27	CVE-2016-9578	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-20	7.5
2018-07-27	CVE-2016-9577	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-119	8.8
2018-07-27	CVE-2018-1056	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. local low complexity advancemame canonical debian CWE-125	7.8
2018-07-27	CVE-2017-2624	Information Exposure vulnerability in multiple products It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. local high complexity x-org debian CWE-200	7.0
2018-07-27	CVE-2017-15119	Resource Exhaustion vulnerability in multiple products The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. network low complexity qemu canonical debian redhat CWE-400	8.6
2018-07-27	CVE-2017-2670	Infinite Loop vulnerability in multiple products It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. network low complexity redhat debian CWE-835	7.5