Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-26	CVE-2017-7562	An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. network low complexity redhat mit	6.5
2018-07-25	CVE-2018-1002200	Path Traversal vulnerability in multiple products plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. local low complexity codehaus-plexus redhat debian CWE-22	5.5
2018-07-25	CVE-2018-10880	Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). local low complexity debian linux redhat canonical	5.5
2018-07-18	CVE-2018-10877	Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. local low complexity canonical linux debian redhat	6.5
2018-07-16	CVE-2018-10840	Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. low complexity linux canonical redhat	6.6
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-10	CVE-2018-10872	Unspecified vulnerability in Redhat products A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. local low complexity redhat	5.5
2018-07-10	CVE-2018-1129	Improper Authentication vulnerability in multiple products A flaw was found in the way signature calculation was handled by cephx authentication protocol. low complexity redhat ceph debian opensuse CWE-287	6.5
2018-07-06	CVE-2018-10892	The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. network low complexity docker mobyproject redhat opensuse	5.3
2018-06-21	CVE-2018-3665	Information Exposure vulnerability in multiple products System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. local high complexity intel citrix freebsd redhat debian canonical CWE-200	5.6