Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-21	CVE-2018-17294	Out-of-bounds Read vulnerability in multiple products The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. network low complexity liblouis canonical opensuse CWE-125	6.5
2018-09-04	CVE-2018-10930	A flaw was found in RPC request using gfs3_rename_req in glusterfs server. network low complexity gluster redhat debian opensuse	6.5
2018-09-04	CVE-2018-10914	It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. network low complexity gluster redhat debian opensuse	6.5
2018-09-04	CVE-2018-10913	An information disclosure vulnerability was discovered in glusterfs server. network low complexity gluster redhat debian opensuse	6.5
2018-08-29	CVE-2018-16062	Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. local low complexity elfutils-project debian opensuse canonical redhat CWE-125	5.5
2018-08-01	CVE-2018-12467	Incorrect Permission Assignment for Critical Resource vulnerability in Opensuse Open Build Service Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689. network low complexity opensuse CWE-732	6.5
2018-08-01	CVE-2018-12466	Incorrect Permission Assignment for Critical Resource vulnerability in Opensuse Open Build Service openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links. network low complexity opensuse CWE-732	6.5
2018-08-01	CVE-2018-10916	Improper Input Validation vulnerability in multiple products It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. network low complexity lftp-project canonical opensuse CWE-20	6.5
2018-07-10	CVE-2018-1129	Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. low complexity redhat ceph debian opensuse CWE-287	6.5
2018-07-06	CVE-2018-10892	The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. network low complexity docker mobyproject redhat opensuse	5.3