15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-04	CVE-2018-19840	Infinite Loop vulnerability in multiple products The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishandles a sample rate of zero. local low complexity wavpack canonical fedoraproject opensuse CWE-835	5.5
2018-11-26	CVE-2018-19542	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in JasPer 2.0.14. network low complexity jasper-project canonical suse debian opensuse CWE-476	6.5
2018-11-26	CVE-2018-19539	Reachable Assertion vulnerability in multiple products An issue was discovered in JasPer 2.0.14. network low complexity jasper-project suse debian opensuse CWE-617	6.5
2018-11-23	CVE-2018-19492	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in cairo.trm in Gnuplot 5.2.5. local low complexity gnuplot debian opensuse CWE-119	7.8
2018-11-23	CVE-2018-19491	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in post.trm in Gnuplot 5.2.5. local low complexity gnuplot debian opensuse CWE-119	7.8
2018-11-23	CVE-2018-19490	Out-of-bounds Write vulnerability in multiple products An issue was discovered in datafile.c in Gnuplot 5.2.5. local low complexity gnuplot debian opensuse CWE-787	7.8
2018-11-07	CVE-2018-19052	Path Traversal vulnerability in multiple products An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. network low complexity lighttpd suse opensuse debian CWE-22	7.5
2018-10-21	CVE-2018-18544	Missing Release of Resource after Effective Lifetime vulnerability in multiple products There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. network low complexity imagemagick graphicsmagick opensuse CWE-772	6.5
2018-10-19	CVE-2018-18521	Divide By Zero vulnerability in multiple products Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled. local low complexity elfutils-project debian redhat opensuse canonical CWE-369	5.5
2018-10-19	CVE-2018-18520	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. network low complexity elfutils-project debian canonical opensuse redhat CWE-119	6.5