Vulnerabilities > Fedoraproject > High

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendors | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2018-04-30 | CVE-2017-2591 | Out-of-bounds Read vulnerability in multiple products | 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. | network | low | fedoraproject, redhat | CWE-125 | 7.5 |
| 2018-04-16 | CVE-2018-3849 | Out-of-bounds Write vulnerability in multiple products | In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | network | low | nasa, fedoraproject | CWE-787 | 8.8 |
| 2018-04-16 | CVE-2018-3848 | Out-of-bounds Write vulnerability in multiple products | In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | network | low | nasa, fedoraproject | CWE-787 | 8.8 |
| 2018-04-16 | CVE-2018-3846 | Out-of-bounds Write vulnerability in multiple products | In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | network | low | nasa, fedoraproject | CWE-787 | 8.8 |
| 2018-04-03 | CVE-2018-1098 | | A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. | network | low | redhat, fedoraproject | | 8.8 |
| 2018-03-19 | CVE-2018-7262 | NULL Pointer Dereference vulnerability in multiple products | In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. | network | low | redhat, fedoraproject | CWE-476 | 7.5 |
| 2018-03-08 | CVE-2014-7272 | Permissions, Privileges, and Access Controls vulnerability in multiple products | Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). | local | low | sddm-project, fedoraproject | CWE-264 | 7.8 |
| 2018-03-08 | CVE-2014-7271 | Missing Authentication for Critical Function vulnerability in multiple products | Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication. | local | low | sddm-project, fedoraproject | CWE-306 | 7.8 |
| 2018-03-07 | CVE-2018-1054 | Out-of-bounds Read vulnerability in multiple products | An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. | network | low | fedoraproject, redhat | CWE-125 | 7.5 |
| 2018-03-01 | CVE-2017-15134 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. | network | low | fedoraproject, redhat | CWE-119 | 7.5 |