16.04

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-10	CVE-2016-6794	When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. network low complexity apache debian redhat netapp canonical oracle	5.3
2017-08-10	CVE-2016-5018	In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. network low complexity apache netapp canonical debian redhat oracle critical	9.1
2017-08-10	CVE-2016-0762	Information Exposure Through Discrepancy vulnerability in multiple products The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. network high complexity apache canonical debian redhat netapp oracle CWE-203	5.9
2017-08-07	CVE-2011-5325	Path Traversal vulnerability in multiple products Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. network low complexity busybox debian canonical CWE-22	7.5
2017-07-27	CVE-2017-11683	Reachable Assertion vulnerability in multiple products There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. network low complexity exiv2 canonical debian CWE-617	6.5
2017-07-25	CVE-2017-7980	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. local low complexity qemu canonical debian redhat CWE-119	7.8
2017-07-24	CVE-2017-11591	There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. network low complexity exiv2 canonical debian	7.5
2017-07-17	CVE-2017-11352	In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. network low complexity imagemagick debian canonical	6.5
2017-07-17	CVE-2017-1000050	NULL Pointer Dereference vulnerability in multiple products JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. network low complexity jasper-project fedoraproject redhat canonical CWE-476	7.5
2017-06-27	CVE-2015-5180	NULL Pointer Dereference vulnerability in multiple products res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). network low complexity canonical gnu CWE-476	7.5