| 2018-10-18 | CVE-2018-12360 | Use After Free vulnerability in multiple products
A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. | 8.8 |
| 2018-10-18 | CVE-2018-12359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed boundaries. | 8.8 |
| 2018-10-17 | CVE-2018-18445 | Out-of-bounds Read vulnerability in multiple products
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts. | 7.8 |
| 2018-10-17 | CVE-2018-10933 | Improper Authentication vulnerability in multiple products
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. | 9.1 |
| 2018-10-17 | CVE-2018-3282 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). | 4.9 |
| 2018-10-17 | CVE-2018-3214 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). | 5.3 |
| 2018-10-17 | CVE-2018-3183 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Scripting). | 9.0 |
| 2018-10-17 | CVE-2018-3180 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). | 5.6 |
| 2018-10-17 | CVE-2018-3169 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
| 2018-10-17 | CVE-2018-3149 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). | 8.3 |