Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-17	CVE-2017-15705	Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. network low complexity apache redhat debian canonical CWE-20	5.3
2018-08-20	CVE-2015-5160	Information Exposure vulnerability in multiple products libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing. local low complexity libvirt redhat CWE-200	5.5
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-06-11	CVE-2017-7847	Information Exposure vulnerability in multiple products Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. network low complexity debian redhat mozilla CWE-200	4.3
2018-06-11	CVE-2017-7829	Improper Input Validation vulnerability in multiple products It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. network low complexity mozilla redhat debian canonical CWE-20	5.3
2018-05-22	CVE-2018-3639	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. local low complexity intel arm redhat debian canonical siemens oracle mitel sonicwall schneider-electric nvidia microsoft CWE-203	5.5
2018-04-19	CVE-2018-2819	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle mariadb canonical debian redhat netapp	6.5
2018-04-19	CVE-2018-2817	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle canonical debian redhat mariadb netapp	6.5
2018-04-19	CVE-2018-2781	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity debian netapp canonical mariadb oracle redhat	4.9
2018-04-19	CVE-2018-2771	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). network high complexity oracle debian canonical mariadb redhat netapp	4.4