High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-05	CVE-2018-16511	Incorrect Type Conversion or Cast vulnerability in multiple products An issue was discovered in Artifex Ghostscript before 9.24. local low complexity debian artifex canonical redhat CWE-704	7.8
2018-08-28	CVE-2018-15911	Use of Uninitialized Resource vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-908	7.8
2018-08-27	CVE-2018-15909	Incorrect Type Conversion or Cast vulnerability in multiple products In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. local low complexity debian canonical artifex redhat pulsesecure CWE-704	7.8
2018-08-17	CVE-2018-10873	Improper Input Validation vulnerability in multiple products A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. network low complexity spice-project debian canonical redhat CWE-20	8.8
2018-08-06	CVE-2018-5390	Resource Exhaustion vulnerability in multiple products Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. network low complexity redhat linux canonical debian hp f5 a10networks cisco CWE-400	7.5
2018-08-01	CVE-2016-9583	Out-of-bounds Read vulnerability in multiple products An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. local low complexity redhat jasper-project oracle CWE-125	7.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-13	CVE-2018-11806	Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. local low complexity qemu canonical redhat debian CWE-787	8.2
2018-06-11	CVE-2018-5184	Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. network low complexity debian mozilla canonical redhat CWE-326	7.5
2018-06-11	CVE-2018-5178	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. network high complexity debian mozilla canonical redhat CWE-119	8.1