High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-12	CVE-2018-5814	Race Condition vulnerability in multiple products In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. local high complexity linux debian canonical CWE-362	7.0
2018-06-12	CVE-2018-12249	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in mruby 1.4.1. network low complexity mruby debian CWE-476	7.5
2018-06-12	CVE-2018-0732	Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. network low complexity openssl debian canonical nodejs CWE-320	7.5
2018-06-11	CVE-2018-5184	Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. network low complexity debian mozilla canonical redhat CWE-326	7.5
2018-06-11	CVE-2018-5178	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. network high complexity debian mozilla canonical redhat CWE-119	8.1
2018-06-11	CVE-2018-5162	Missing Encryption of Sensitive Data vulnerability in multiple products Plaintext of decrypted emails can leak through the src attribute of remote images, or links. network low complexity redhat debian canonical mozilla CWE-311	7.5
2018-06-11	CVE-2018-5158	Code Injection vulnerability in multiple products The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. network low complexity debian redhat mozilla canonical CWE-94	8.8
2018-06-11	CVE-2018-5157	Origin Validation Error vulnerability in multiple products Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. network low complexity redhat debian canonical mozilla CWE-346	7.5
2018-06-11	CVE-2018-5146	Out-of-bounds Write vulnerability in multiple products An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. network low complexity redhat debian canonical mozilla CWE-787	8.8
2018-06-11	CVE-2018-5144	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow can occur during conversion of text to some Unicode character sets due to an unchecked length parameter. network low complexity redhat debian canonical mozilla CWE-190	7.3