High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-10	CVE-2018-1128	Improper Authentication vulnerability in multiple products It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. high complexity redhat debian opensuse CWE-287	7.5
2018-07-10	CVE-2018-10861	Improper Authentication vulnerability in multiple products A flaw was found in the way ceph mon handles user requests. network low complexity ceph redhat opensuse debian CWE-287	8.1
2018-07-09	CVE-2018-4945	Incorrect Type Conversion or Cast vulnerability in multiple products Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. network low complexity adobe redhat CWE-704	8.8
2018-07-06	CVE-2018-13405	Improper Privilege Management vulnerability in multiple products The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. local low complexity linux debian canonical fedoraproject redhat f5 CWE-269	7.8
2018-06-26	CVE-2018-10852	Information Exposure vulnerability in multiple products The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. network low complexity debian fedoraproject redhat CWE-200	7.5
2018-06-19	CVE-2018-1061	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. network low complexity python debian redhat canonical fedoraproject	7.5
2018-06-18	CVE-2018-1060	python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. network low complexity python fedoraproject canonical redhat debian	7.5
2018-06-13	CVE-2018-11806	Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. local low complexity qemu canonical redhat debian CWE-787	8.2
2018-06-12	CVE-2018-5848	Integer Overflow or Wraparound vulnerability in multiple products In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. local low complexity google redhat debian CWE-190	7.8
2018-06-11	CVE-2018-5184	Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. network low complexity debian mozilla canonical redhat CWE-326	7.5