High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-26	CVE-2017-9727	Out-of-bounds Read vulnerability in multiple products The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. local low complexity artifex debian CWE-125	7.8
2017-07-26	CVE-2017-9726	Out-of-bounds Read vulnerability in multiple products The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. local low complexity artifex debian CWE-125	7.8
2017-07-26	CVE-2017-9612	Use After Free vulnerability in multiple products The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. local low complexity artifex debian CWE-416	7.8
2017-07-26	CVE-2017-9611	Out-of-bounds Read vulnerability in multiple products The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. local low complexity artifex debian CWE-125	7.8
2017-07-25	CVE-2017-9233	Infinite Loop vulnerability in multiple products XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. network low complexity libexpat-project python debian CWE-835	7.5
2017-07-24	CVE-2017-11591	There is a Floating point exception in the Exiv2::ValueType function in Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. network low complexity exiv2 canonical debian	7.5
2017-07-21	CVE-2015-5219	Incorrect Type Conversion or Cast vulnerability in multiple products The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. network low complexity fedoraproject suse redhat debian canonical ntp novell opensuse siemens oracle CWE-704	7.5
2017-07-21	CVE-2015-5195	Improper Input Validation vulnerability in multiple products ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. network low complexity fedoraproject redhat debian canonical ntp CWE-20	7.5
2017-07-21	CVE-2015-5194	Improper Input Validation vulnerability in multiple products The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. network low complexity fedoraproject suse redhat debian canonical ntp CWE-20	7.5
2017-07-18	CVE-2017-11409	Excessive Iteration vulnerability in multiple products In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. network low complexity wireshark debian CWE-834	7.5