Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-13	CVE-2018-10850	Race Condition vulnerability in multiple products 389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. network high complexity fedoraproject redhat debian CWE-362	5.9
2018-06-12	CVE-2018-5803	Improper Input Validation vulnerability in multiple products In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. local low complexity linux debian redhat CWE-20	5.5
2018-06-12	CVE-2018-1103	Improper Input Validation vulnerability in Redhat Source-To-Image Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. network low complexity redhat CWE-20	6.5
2018-06-11	CVE-2018-5185	Missing Encryption of Sensitive Data vulnerability in multiple products Plaintext of decrypted emails can leak through by user submitting an embedded form. network low complexity redhat debian canonical mozilla CWE-311	6.5
2018-06-11	CVE-2018-5170	Improper Input Validation vulnerability in multiple products It is possible to spoof the filename of an attachment and display an arbitrary attachment name. network low complexity redhat mozilla debian canonical CWE-20	4.3
2018-06-11	CVE-2018-5168	Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. network low complexity debian mozilla canonical redhat	5.3
2018-06-11	CVE-2018-5161	Improper Input Validation vulnerability in multiple products Crafted message headers can cause a Thunderbird process to hang on receiving the message. network low complexity redhat debian canonical mozilla CWE-20	4.3
2018-06-11	CVE-2018-5131	Information Exposure vulnerability in multiple products Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. network high complexity debian mozilla redhat canonical CWE-200	5.9
2018-06-11	CVE-2018-5117	If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. network low complexity debian redhat mozilla canonical	5.3
2018-06-11	CVE-2017-7848	Injection vulnerability in multiple products RSS fields can inject new lines into the created email structure, modifying the message body. network low complexity mozilla redhat debian CWE-74	5.3