15.1

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-12	CVE-2018-18225	Incorrect Calculation vulnerability in multiple products In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. network low complexity wireshark debian opensuse CWE-682	7.5
2018-10-09	CVE-2018-18074	Insufficiently Protected Credentials vulnerability in multiple products The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. network low complexity python canonical opensuse redhat CWE-522	7.5
2018-09-25	CVE-2018-14647	Missing Initialization of Resource vulnerability in multiple products Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. network low complexity python canonical debian fedoraproject opensuse redhat CWE-909	7.5
2018-09-18	CVE-2018-1000802	Command Injection vulnerability in multiple products Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. network low complexity python debian canonical opensuse CWE-77 critical	9.8
2018-09-04	CVE-2018-10930	A flaw was found in RPC request using gfs3_rename_req in glusterfs server. network low complexity gluster redhat debian opensuse	6.5
2018-09-04	CVE-2018-10929	A flaw was found in RPC request using gfs2_create_req in glusterfs server. network low complexity redhat debian gluster opensuse	8.8
2018-09-04	CVE-2018-10928	A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. network low complexity redhat debian gluster opensuse	8.8
2018-09-04	CVE-2018-10927	A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. network low complexity redhat debian gluster opensuse	8.1
2018-09-04	CVE-2018-10926	A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. network low complexity redhat debian gluster opensuse	8.8
2018-09-04	CVE-2018-10923	It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. network low complexity gluster redhat debian opensuse	8.1