High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-30	CVE-2017-2591	Out-of-bounds Read vulnerability in multiple products 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. network low complexity fedoraproject redhat CWE-125	7.5
2018-04-26	CVE-2018-1074	Insufficiently Protected Credentials vulnerability in multiple products ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. network low complexity ovirt redhat CWE-522	7.2
2018-04-26	CVE-2018-10393	Out-of-bounds Read vulnerability in multiple products bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. network low complexity xiph-org debian redhat CWE-125	7.5
2018-04-26	CVE-2018-10392	Out-of-bounds Write vulnerability in multiple products mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. network low complexity xiph-org debian redhat CWE-787	8.8
2018-04-24	CVE-2016-9587	Improper Input Validation vulnerability in multiple products Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. network high complexity redhat ansible CWE-20	8.1
2018-04-24	CVE-2016-9599	Improper Access Control vulnerability in multiple products puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. network high complexity openstack redhat CWE-284	7.5
2018-04-23	CVE-2018-8781	Integer Overflow or Wraparound vulnerability in multiple products The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. local low complexity linux canonical debian redhat CWE-190	7.8
2018-04-19	CVE-2018-2814	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network high complexity oracle redhat debian canonical schneider-electric hp	8.3
2018-04-19	CVE-2018-2811	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). local high complexity oracle redhat schneider-electric	7.7
2018-04-19	CVE-2018-2794	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). local high complexity oracle redhat debian canonical hp schneider-electric	7.7