| 2018-10-17 | CVE-2018-3183 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). | 9.0 |
| 2018-10-17 | CVE-2018-3180 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). | 5.6 |
| 2018-10-17 | CVE-2018-3169 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
| 2018-10-17 | CVE-2018-3149 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |
| 2018-10-17 | CVE-2018-3139 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). | 3.1 |
| 2018-10-17 | CVE-2018-3136 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 3.4 |
| 2018-10-15 | CVE-2018-18073 | Information Exposure vulnerability in multiple products
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. | 6.3 |
| 2018-10-15 | CVE-2018-17961 | Information Exposure Through an Error Message vulnerability in multiple products
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. | 8.6 |
| 2018-10-15 | CVE-2018-18310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. | 5.5 |
| 2018-10-09 | CVE-2018-18074 | Insufficiently Protected Credentials vulnerability in multiple products
The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | 7.5 |