High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-15	CVE-2017-12864	Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. network low complexity opencv debian CWE-190	8.8
2017-08-15	CVE-2017-12863	Integer Overflow or Wraparound vulnerability in multiple products In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. network low complexity opencv debian CWE-190	8.8
2017-08-15	CVE-2017-12862	Out-of-bounds Write vulnerability in multiple products In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffer _src is small than expected, which will cause copy buffer overflow later. network low complexity opencv debian CWE-787	8.8
2017-08-11	CVE-2016-6796	A malicious web application running on Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 was able to bypass a configured SecurityManager via manipulation of the configuration parameters for the JSP Servlet. network low complexity apache debian netapp canonical oracle redhat	7.5
2017-08-10	CVE-2016-6797	Incorrect Authorization vulnerability in multiple products The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web application. network low complexity apache oracle debian netapp canonical redhat CWE-863	7.5
2017-08-09	CVE-2015-3405	Insufficient Entropy vulnerability in multiple products ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. network low complexity ntp debian suse opensuse-project opensuse fedoraproject redhat CWE-331	7.5
2017-08-08	CVE-2017-10176	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network low complexity oracle debian phoenixcontact netapp	7.5
2017-08-08	CVE-2017-10118	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). network low complexity oracle debian phoenixcontact netapp	7.5
2017-08-08	CVE-2017-10116	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network high complexity oracle phoenixcontact debian redhat netapp	8.3
2017-08-08	CVE-2017-10115	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). network low complexity oracle debian phoenixcontact redhat netapp	7.5