High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-06	CVE-2018-5391	Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. network low complexity linux redhat debian canonical microsoft f5 siemens CWE-20	7.5
2018-09-04	CVE-2018-6555	Use After Free vulnerability in multiple products The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. local low complexity linux debian canonical CWE-416	7.8
2018-08-31	CVE-2018-16276	Out-of-bounds Write vulnerability in multiple products An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. local low complexity linux debian canonical CWE-787	7.8
2018-08-30	CVE-2018-14619	Improper Input Validation vulnerability in Linux Kernel A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. local low complexity linux CWE-20	7.8
2018-08-21	CVE-2018-10902	Use After Free vulnerability in multiple products It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. local low complexity debian canonical linux redhat CWE-416	7.8
2018-08-17	CVE-2018-15471	Out-of-bounds Read vulnerability in multiple products An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. local low complexity xen linux canonical CWE-125	7.8
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp f5 a10networks cisco CWE-400	7.5
2018-07-30	CVE-2017-7518	Improper Handling of Exceptional Conditions vulnerability in multiple products A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. local low complexity redhat debian canonical linux CWE-755	7.8
2018-07-30	CVE-2017-7482	Integer Overflow or Wraparound vulnerability in multiple products In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. local low complexity linux debian redhat CWE-190	7.8
2018-07-29	CVE-2018-14734	Use After Free vulnerability in multiple products drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). local low complexity linux canonical debian CWE-416	7.8