High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-11	CVE-2018-1100	zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. local low complexity zsh canonical redhat	7.8
2018-04-06	CVE-2018-1000156	Improper Input Validation vulnerability in multiple products GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. local low complexity gnu canonical debian redhat CWE-20	7.8
2018-04-04	CVE-2018-1097	A flaw was found in foreman before 1.16.1. network low complexity theforeman redhat	8.8
2018-04-03	CVE-2018-8778	Use of Externally-Controlled Format String vulnerability in multiple products In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure. network low complexity ruby-lang canonical debian redhat CWE-134	7.5
2018-04-03	CVE-2018-8777	Resource Exhaustion vulnerability in multiple products In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption). network low complexity ruby-lang debian canonical redhat CWE-400	7.5
2018-04-03	CVE-2018-6914	Path Traversal vulnerability in multiple products Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. network low complexity ruby-lang canonical debian redhat CWE-22	7.5
2018-04-03	CVE-2018-1098	A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. network low complexity redhat fedoraproject	8.8
2018-04-03	CVE-2017-7000	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple redhat debian chromium CWE-119	8.8
2018-03-30	CVE-2018-7566	Race Condition vulnerability in multiple products The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. local low complexity linux suse canonical debian redhat oracle CWE-362	7.8
2018-03-28	CVE-2018-1064	Resource Exhaustion vulnerability in multiple products libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. network low complexity debian redhat CWE-400	7.5