Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-18	CVE-2018-12373	Information Exposure vulnerability in multiple products dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. network low complexity mozilla redhat debian canonical CWE-200	6.5
2018-10-18	CVE-2018-12372	Information Exposure vulnerability in multiple products Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. network low complexity mozilla redhat debian canonical CWE-200	6.5
2018-10-18	CVE-2018-12366	Out-of-bounds Read vulnerability in multiple products An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. network low complexity redhat debian canonical mozilla CWE-125	6.5
2018-10-18	CVE-2018-12365	Information Exposure vulnerability in multiple products A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. network low complexity redhat debian canonical mozilla CWE-200	6.5
2018-10-17	CVE-2018-3282	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). network low complexity oracle netapp canonical debian mariadb redhat	4.9
2018-10-17	CVE-2018-3214	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). network low complexity oracle redhat debian canonical hp	5.3
2018-10-17	CVE-2018-3180	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). network high complexity oracle redhat debian canonical hp	5.6
2018-10-15	CVE-2018-18073	Information Exposure vulnerability in multiple products Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. local low complexity artifex debian canonical redhat CWE-200	6.3
2018-10-15	CVE-2018-18310	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. local low complexity elfutils-project debian redhat opensuse canonical CWE-119	5.5
2018-10-08	CVE-2018-1000808	Improper Resource Shutdown or Release vulnerability in multiple products Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. network high complexity pyopenssl-project canonical redhat CWE-404	5.9