Vulnerabilities > Opensuse > Leap

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-10911 | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. | network, low complexity; gluster redhat debian opensuse; 7.5 |
| 2018-09-04 | CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. | network, low complexity; gluster redhat debian opensuse; 8.8 |
| 2018-09-04 | CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. | network, low complexity; gluster redhat debian opensuse; 8.8 |
| 2018-09-03 | CVE-2018-16412 | Out-of-bounds Read vulnerability in multiple products. ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. | network, low complexity; imagemagick opensuse CWE-125; 8.8 |
| 2018-09-03 | CVE-2018-16402 | Double Free vulnerability in multiple products. libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | network, low complexity; elfutils-project debian redhat opensuse canonical CWE-415; critical; 9.8 |
| 2018-08-29 | CVE-2018-16062 | Out-of-bounds Read vulnerability in multiple products. dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | 5.5 |
| 2018-08-10 | CVE-2018-6556 | Channel and Path Errors vulnerability in multiple products. lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. | 3.3 |
| 2018-08-01 | CVE-2018-10916 | Improper Input Validation vulnerability in multiple products. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. | network, low complexity; lftp-project canonical opensuse CWE-20; 6.5 |
| 2018-07-30 | CVE-2016-9597 | It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. | network, low complexity; canonical xmlsoft debian hp opensuse; 7.5 |
| 2018-07-23 | CVE-2018-14523 | Out-of-bounds Read vulnerability in multiple products. An issue was discovered in aubio 0.4.6. | network, low complexity; aubio opensuse suse CWE-125; 8.8 |