Vulnerabilities > Debian > Debian Linux > Medium

DATE CVE VULNERABILITY TITLE RISK

2017-08-24 CVE-2015-5146 Improper Input Validation vulnerability in multiple products
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet.
network
high complexity
fedoraproject debian ntp CWE-20
5.3

2017-08-23 CVE-2017-12809 NULL Pointer Dereference vulnerability in multiple products
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
local
low complexity
qemu debian CWE-476
6.5

2017-08-23 CVE-2017-13145 Improper Input Validation vulnerability in multiple products
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash.
network
low complexity
imagemagick debian canonical CWE-20
6.5

2017-08-22 CVE-2017-13065 NULL Pointer Dereference vulnerability in multiple products
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
network
low complexity
graphicsmagick debian CWE-476
6.5

2017-08-22 CVE-2017-13064 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.
network
low complexity
graphicsmagick debian CWE-119
6.5

2017-08-22 CVE-2017-13063 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
network
low complexity
graphicsmagick debian CWE-119
6.5

2017-08-10 CVE-2016-6794 When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager.
network
low complexity
apache debian redhat netapp canonical oracle
5.3

2017-08-10 CVE-2016-0762 Information Exposure Through Discrepancy vulnerability in multiple products
The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist.
network
high complexity
apache canonical debian redhat netapp oracle CWE-203
5.9

2017-08-08 CVE-2017-3652 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
high complexity
oracle debian
4.2

2017-08-08 CVE-2017-3651 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump).
network
low complexity
oracle mariadb debian redhat
4.3