15.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-15	CVE-2017-5934	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network low complexity moinmo debian canonical opensuse CWE-79	6.1
2018-10-15	CVE-2018-18310	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. local low complexity elfutils-project debian redhat opensuse canonical CWE-119	5.5
2018-10-09	CVE-2018-12477	CRLF Injection vulnerability in Opensuse Leap 15.0/42.3 A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. network low complexity opensuse CWE-93	7.5
2018-09-21	CVE-2018-17294	Out-of-bounds Read vulnerability in multiple products The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. network low complexity liblouis canonical opensuse CWE-125	6.5
2018-09-03	CVE-2018-16412	Out-of-bounds Read vulnerability in multiple products ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. network low complexity imagemagick opensuse CWE-125	8.8
2018-09-03	CVE-2018-16402	Double Free vulnerability in multiple products libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. network low complexity elfutils-project debian redhat opensuse canonical CWE-415 critical	9.8
2018-08-29	CVE-2018-16062	Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. local low complexity elfutils-project debian opensuse canonical redhat CWE-125	5.5
2018-08-10	CVE-2018-6556	Channel and Path Errors vulnerability in multiple products lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. local low complexity canonical linuxcontainers suse opensuse CWE-417	3.3
2018-07-23	CVE-2018-14523	Out-of-bounds Read vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-125	8.8
2018-07-23	CVE-2018-14522	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-119	8.8