Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-08	CVE-2018-12020	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. network low complexity redhat canonical debian gnupg CWE-706	5.0
2018-05-30	CVE-2018-11235	Path Traversal vulnerability in multiple products In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. network debian canonical redhat git-scm gitforwindows CWE-22	6.8
2018-05-24	CVE-2018-1000301	Out-of-bounds Read vulnerability in multiple products curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. network low complexity debian canonical haxx redhat oracle CWE-125	6.4
2018-05-24	CVE-2018-1000199	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. local low complexity debian linux canonical redhat CWE-119	4.9
2018-05-23	CVE-2018-1124	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. local low complexity procps-ng-project canonical debian redhat schneider-electric opensuse CWE-190	4.6
2018-05-18	CVE-2018-11237	Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. local low complexity gnu redhat oracle netapp canonical CWE-787	4.6
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network ijg debian canonical netapp oracle redhat opensuse CWE-369	4.3
2018-05-15	CVE-2018-1087	kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. local low complexity linux canonical debian redhat	4.6
2018-05-12	CVE-2018-10998	An issue was discovered in Exiv2 0.26. network low complexity exiv2 canonical debian redhat	6.5
2018-05-10	CVE-2018-1118	Improper Initialization vulnerability in multiple products Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. local low complexity linux debian canonical redhat CWE-665	5.5