Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-01-30	CVE-2016-9119	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network moinmo canonical debian CWE-79	4.3
2017-01-30	CVE-2016-7798	Inadequate Encryption Strength vulnerability in multiple products The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. network low complexity ruby-lang debian CWE-326	5.0
2017-01-30	CVE-2016-2518	Out-of-bounds Read vulnerability in multiple products The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. network low complexity ntp debian netapp oracle redhat freebsd siemens CWE-125	5.0
2017-01-30	CVE-2015-7977	NULL Pointer Dereference vulnerability in multiple products ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. network ntp oracle siemens netapp freebsd fedoraproject debian canonical CWE-476	4.3
2017-01-30	CVE-2017-5612	Cross-site Scripting vulnerability in Wordpress Cross-site scripting (XSS) vulnerability in wp-admin/includes/class-wp-posts-list-table.php in the posts list table in WordPress before 4.7.2 allows remote attackers to inject arbitrary web script or HTML via a crafted excerpt. network wordpress debian CWE-79	4.3
2017-01-30	CVE-2017-5610	Information Exposure vulnerability in Wordpress wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface, which allows remote attackers to bypass intended access restrictions by reading terms. network low complexity wordpress debian CWE-200	5.0
2017-01-27	CVE-2017-3318	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Error Handling). local high complexity oracle debian redhat mariadb	4.0
2017-01-27	CVE-2017-3317	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Logging). local high complexity oracle debian redhat mariadb	4.0
2017-01-27	CVE-2017-3313	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). local high complexity oracle debian canonical redhat mariadb	4.7
2017-01-27	CVE-2017-3265	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). network oracle redhat debian mariadb	4.9