Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-25	CVE-2018-6037	Information Exposure vulnerability in multiple products Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. network low complexity google debian redhat CWE-200	6.5
2018-09-25	CVE-2018-6036	Improper Input Validation vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page. network low complexity google debian redhat CWE-20	6.5
2018-09-25	CVE-2018-6032	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. network low complexity google redhat debian CWE-20	6.5
2018-09-17	CVE-2017-15705	Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. network low complexity apache redhat debian canonical CWE-20	5.3
2018-09-05	CVE-2018-16542	Out-of-bounds Write vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. local low complexity artifex redhat debian canonical CWE-787	5.5
2018-09-05	CVE-2018-16541	Use After Free vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. local low complexity artifex canonical debian redhat CWE-416	5.5
2018-09-05	CVE-2018-16539	Information Exposure vulnerability in multiple products In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. local low complexity artifex canonical debian redhat CWE-200	5.5
2018-09-04	CVE-2018-16435	Integer Overflow or Wraparound vulnerability in multiple products Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. local low complexity littlecms canonical redhat debian CWE-190	5.5
2018-08-29	CVE-2018-12824	Out-of-bounds Read vulnerability in multiple products Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. network high complexity adobe redhat CWE-125	5.9
2018-08-29	CVE-2018-16062	Out-of-bounds Read vulnerability in multiple products dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. local low complexity elfutils-project debian opensuse canonical redhat CWE-125	5.5