High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-07	CVE-2018-19052	Path Traversal vulnerability in multiple products An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. network low complexity lighttpd suse opensuse debian CWE-22	7.5
2018-10-23	CVE-2018-16837	Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. local low complexity redhat debian suse CWE-311	7.8
2018-10-09	CVE-2018-17962	Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. network low complexity qemu suse debian canonical redhat oracle CWE-190	7.5
2018-10-04	CVE-2018-12471	XXE vulnerability in Suse Subscription Management Tool A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. network low complexity suse CWE-611	8.1
2018-09-26	CVE-2018-16588	Incorrect Permission Assignment for Critical Resource vulnerability in Suse Shadow 4.2.127.9.1/4.55.39 Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). local low complexity suse CWE-732	7.8
2018-07-24	CVE-2017-3224	Insufficient Verification of Data Authenticity vulnerability in multiple products Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. high complexity quagga suse redhat CWE-345	8.2
2018-07-23	CVE-2018-14523	Out-of-bounds Read vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-125	8.8
2018-07-23	CVE-2018-14522	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in aubio 0.4.6. network low complexity aubio opensuse suse CWE-119	8.8
2018-07-13	CVE-2018-10875	Untrusted Search Path vulnerability in multiple products A flaw was found in ansible. local low complexity redhat debian suse canonical CWE-426	7.8
2018-06-07	CVE-2011-0467	SQL Injection vulnerability in Suse Studio Onsite and Studio Onsite Appliance A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. network low complexity suse CWE-89	8.8