High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-31	CVE-2018-1000001	Out-of-bounds Write vulnerability in multiple products In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. local low complexity gnu canonical redhat CWE-787	7.8
2018-01-25	CVE-2018-5748	Resource Exhaustion vulnerability in multiple products qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. network low complexity redhat debian CWE-400	7.5
2018-01-18	CVE-2018-2637	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). network high complexity oracle redhat debian canonical schneider-electric hp	7.4
2018-01-18	CVE-2018-2633	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network high complexity oracle redhat debian canonical schneider-electric hp	8.3
2018-01-18	CVE-2018-2562	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). network low complexity oracle mariadb debian canonical netapp redhat	7.1
2018-01-12	CVE-2018-5345	Out-of-bounds Write vulnerability in multiple products A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file. local low complexity fedoraproject gnome canonical debian redhat CWE-787	7.8
2017-12-15	CVE-2017-17405	OS Command Injection vulnerability in multiple products Ruby before 2.4.3 allows Net::FTP command injection. network low complexity ruby-lang debian redhat CWE-78	8.8
2017-12-11	CVE-2017-1000407	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic. low complexity redhat linux debian canonical CWE-754	7.4
2017-12-07	CVE-2017-1000410	Information Exposure vulnerability in multiple products The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. network low complexity linux debian redhat CWE-200	7.5
2017-11-13	CVE-2016-8610	A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. network low complexity openssl debian redhat netapp paloaltonetworks oracle fujitsu	7.5