Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-21	CVE-2017-2672	Improper Privilege Management vulnerability in multiple products A flaw was found in foreman before version 1.15 in the logging of adding and registering images. network low complexity theforeman redhat CWE-269	4.0
2018-06-18	CVE-2018-1090	Information Exposure vulnerability in multiple products In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. network low complexity pulpproject fedoraproject redhat CWE-200	5.0
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network ijg debian canonical netapp oracle redhat opensuse CWE-369	4.3
2018-04-26	CVE-2018-10237	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. network high complexity google redhat oracle CWE-770	5.9
2018-04-19	CVE-2018-2800	Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). network high complexity oracle redhat debian canonical schneider-electric hp	4.0
2018-04-19	CVE-2018-2799	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). network low complexity oracle redhat debian canonical hp schneider-electric apache	5.3
2018-04-19	CVE-2018-2798	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). network low complexity oracle redhat debian canonical hp schneider-electric	5.3
2018-04-19	CVE-2018-2797	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). network low complexity oracle redhat debian canonical hp schneider-electric	5.3
2018-04-19	CVE-2018-2796	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). network low complexity oracle redhat debian canonical hp schneider-electric	5.3
2018-04-19	CVE-2018-2795	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network low complexity oracle redhat debian canonical hp schneider-electric	5.3