High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2017-5436	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. network low complexity debian redhat sil mozilla CWE-787	8.8
2018-06-11	CVE-2017-5386	WebExtension scripts can use the "data:" protocol to affect pages loaded by other web extensions using this protocol, leading to potential data disclosure or privilege escalation in affected extensions. network low complexity debian redhat mozilla	7.3
2018-06-11	CVE-2017-5378	Information Exposure vulnerability in multiple products Hashed codes of JavaScript objects are shared between pages. network low complexity debian redhat mozilla CWE-200	7.5
2018-06-11	CVE-2016-9900	7PK - Security Features vulnerability in multiple products External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. network low complexity debian redhat mozilla CWE-254	7.5
2018-06-11	CVE-2016-9079	Use After Free vulnerability in multiple products A use-after-free vulnerability in SVG Animation has been discovered. network low complexity debian redhat mozilla torproject CWE-416	7.5
2018-05-30	CVE-2018-11235	Path Traversal vulnerability in multiple products In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. local low complexity debian canonical redhat git-scm gitforwindows CWE-22	7.8
2018-05-23	CVE-2018-1124	Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. local low complexity procps-ng-project canonical debian redhat schneider-electric opensuse CWE-190	7.8
2018-05-17	CVE-2018-1111	DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. high complexity fedoraproject redhat	7.5
2018-05-15	CVE-2018-1087	kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. local low complexity linux canonical debian redhat	7.8
2018-05-09	CVE-2018-10184	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in HAProxy before 1.8.8. network low complexity haproxy redhat CWE-119	7.5