High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-20	CVE-2017-7007	Resource Exhaustion vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. network low complexity apple CWE-400	7.5
2017-07-13	CVE-2017-7529	Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. network low complexity f5 puppet apple	7.5
2017-07-13	CVE-2017-11103	Insufficient Verification of Data Authenticity vulnerability in multiple products Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. network high complexity heimdal-project freebsd samba apple debian CWE-345	8.1
2017-07-07	CVE-2017-2218	Untrusted Search Path vulnerability in Apple Quicktime Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. local low complexity apple CWE-426	7.8
2017-06-27	CVE-2017-2491	Use After Free vulnerability in Apple Iphone OS Use after free vulnerability in the String.replace method JavaScriptCore in Apple Safari in iOS before 10.3 allows remote attackers to execute arbitrary code via a crafted web page, or a crafted file. network low complexity apple CWE-416	8.8
2017-06-20	CVE-2017-7668	Out-of-bounds Read vulnerability in multiple products The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. network low complexity apache netapp redhat debian oracle apple CWE-125	7.5
2017-05-23	CVE-2016-9842	The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-22	CVE-2017-6999	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. local low complexity apple CWE-119	7.8
2017-05-22	CVE-2017-6998	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. local low complexity apple CWE-119	7.8