| 2018-10-17 | CVE-2018-3155 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). | 4.0 |
| 2018-10-17 | CVE-2018-3145 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). | 6.5 |
| 2018-10-17 | CVE-2018-3144 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). | 4.3 |
| 2018-10-17 | CVE-2018-3143 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
| 2018-10-17 | CVE-2018-3137 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 6.5 |
| 2018-09-25 | CVE-2018-11763 | In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. | 5.9 |
| 2018-09-16 | CVE-2018-17082 | Cross-site Scripting vulnerability in PHP
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. | 4.3 |
| 2018-08-07 | CVE-2018-15132 | Information Exposure vulnerability in PHP
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. | 5.0 |
| 2018-08-03 | CVE-2018-14884 | NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. | 5.0 |
| 2018-08-03 | CVE-2018-14883 | Out-of-bounds Read vulnerability in multiple products
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. | 5.0 |