Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-25	CVE-2018-6039	Improper Input Validation vulnerability in multiple products Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. network low complexity google debian redhat CWE-20	6.1
2018-09-25	CVE-2018-6038	Out-of-bounds Read vulnerability in multiple products Heap buffer overflow in WebGL in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat CWE-125	6.5
2018-09-25	CVE-2018-6037	Information Exposure vulnerability in multiple products Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. network low complexity google debian redhat CWE-200	6.5
2018-09-25	CVE-2018-6036	Improper Input Validation vulnerability in multiple products Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page. network low complexity google debian redhat CWE-20	6.5
2018-09-25	CVE-2018-6032	Improper Input Validation vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. network low complexity google redhat debian CWE-20	6.5
2018-09-19	CVE-2018-3830	Cross-site Scripting vulnerability in multiple products Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. network low complexity elastic redhat CWE-79	6.1
2018-09-19	CVE-2018-17206	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. network low complexity openvswitch redhat canonical debian CWE-125	4.9
2018-09-19	CVE-2018-17204	Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. network low complexity openvswitch redhat canonical debian CWE-617	4.3
2018-09-18	CVE-2018-14642	Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform and Undertow An information leak vulnerability was found in Undertow. network low complexity redhat CWE-200	5.3
2018-09-17	CVE-2017-15705	Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. network low complexity apache redhat debian canonical CWE-20	5.3