Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-17	CVE-2018-3180	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). network oracle redhat debian canonical hp	6.8
2018-10-17	CVE-2018-3169	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network high complexity oracle redhat debian canonical hp	5.1
2018-10-17	CVE-2018-3149	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network high complexity oracle redhat debian canonical hp	5.1
2018-09-17	CVE-2017-15705	Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. network low complexity apache redhat debian canonical CWE-20	5.3
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local intel arm oracle schneider-electric netapp redhat fujitsu	4.7
2018-06-11	CVE-2017-7847	Information Exposure vulnerability in multiple products Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. network debian redhat mozilla CWE-200	4.3
2018-06-11	CVE-2017-7829	Improper Input Validation vulnerability in multiple products It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. network low complexity mozilla redhat debian canonical CWE-20	5.0
2018-04-26	CVE-2018-10393	Out-of-bounds Read vulnerability in multiple products bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. network low complexity xiph-org debian redhat CWE-125	5.0
2018-04-26	CVE-2018-10392	Out-of-bounds Write vulnerability in multiple products mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. network xiph-org debian redhat CWE-787	6.8
2018-04-19	CVE-2018-2819	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle mariadb canonical debian redhat netapp	4.0