Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-1129	Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. low complexity redhat ceph debian opensuse CWE-287	6.5
2018-07-06	CVE-2018-10892	The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. network low complexity docker mobyproject redhat opensuse	5.3
2018-07-03	CVE-2018-13099	Out-of-bounds Read vulnerability in multiple products An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. local low complexity linux debian opensuse canonical CWE-125	5.5
2018-07-03	CVE-2018-13096	Out-of-bounds Write vulnerability in multiple products An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. local low complexity linux debian canonical opensuse CWE-787	5.5
2018-06-11	CVE-2018-10360	Out-of-bounds Read vulnerability in multiple products The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. network low complexity file-project canonical opensuse CWE-125	6.5
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network low complexity ijg debian canonical netapp oracle redhat opensuse CWE-369	6.5
2018-05-04	CVE-2018-10733	Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. network low complexity gnome redhat opensuse CWE-125	6.5
2018-03-12	CVE-2018-7858	Out-of-bounds Read vulnerability in multiple products Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. local low complexity qemu opensuse redhat canonical CWE-125	5.5
2018-03-01	CVE-2017-14804	Improper Input Validation vulnerability in multiple products The build package before 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots. network low complexity suse opensuse CWE-20	5.3
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local high complexity intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	5.6