High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-05	CVE-2018-1000180	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. network low complexity bouncycastle debian oracle netapp redhat CWE-327	7.5
2018-06-04	CVE-2016-1000343	Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. network low complexity bouncycastle debian CWE-310	7.5
2018-06-04	CVE-2016-1000342	Improper Verification of Cryptographic Signature vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. network low complexity bouncycastle debian CWE-347	7.5
2018-05-30	CVE-2018-11235	Path Traversal vulnerability in multiple products In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. local low complexity debian canonical redhat git-scm gitforwindows CWE-22	7.8
2018-05-28	CVE-2018-11506	Out-of-bounds Write vulnerability in multiple products The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. local low complexity linux canonical debian CWE-787	7.8
2018-05-26	CVE-2018-11490	Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. network low complexity sam2p-project giflib-project debian canonical CWE-129	8.8
2018-05-23	CVE-2018-1125	Out-of-bounds Write vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. network low complexity procps-ng-project canonical debian opensuse CWE-787	7.5
2018-05-23	CVE-2018-1123	procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. network low complexity procps-ng-project canonical debian	7.5
2018-05-23	CVE-2018-1122	procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. local high complexity procps-ng-project canonical debian	7.0
2018-05-23	CVE-2018-1124	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. local low complexity procps-ng-project canonical debian redhat schneider-electric opensuse CWE-190	7.8