High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-17	CVE-2018-10873	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. network low complexity spice-project debian canonical redhat CWE-20	8.8
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp f5 a10networks cisco CWE-400	7.5
2018-08-01	CVE-2016-9583	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. local low complexity redhat jasper-project oracle CWE-125	7.8
2018-08-01	CVE-2016-8654	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. local low complexity jasper-project redhat debian CWE-119	7.8
2018-08-01	CVE-2016-9573	An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. network low complexity uclouvain redhat debian	8.1
2018-07-30	CVE-2017-7518	Improper Handling of Exceptional Conditions vulnerability in multiple products A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. local low complexity redhat debian canonical linux CWE-755	7.8
2018-07-27	CVE-2016-9578	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-20	7.5
2018-07-27	CVE-2016-9577	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. network low complexity spice-project redhat debian CWE-119	8.8
2018-07-27	CVE-2017-2634	It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. network low complexity linux redhat	7.5
2018-07-27	CVE-2017-2590	Permission Issues vulnerability in multiple products A vulnerability was found in ipa before 4.4. network low complexity freeipa redhat CWE-275	8.1