Vulnerabilities > Debian > High

| Date | CVE | Vulnerability title | Description | Tags | Risk |
|---|---|---|---|---|---|
| 2017-07-18 | CVE-2017-11407 | Improper Input Validation vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. | wireshark, debian, CWE-20 | 7.5 (network, low complexity) |
| 2017-07-18 | CVE-2017-11406 | Infinite Loop vulnerability in multiple products | In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. | wireshark, debian, CWE-835 | 7.5 (network, low complexity) |
| 2017-07-17 | CVE-2017-1000363 | Out-of-bounds Write vulnerability in multiple products | Linux drivers/char/lp.c Out-of-Bounds Write. | linux, debian, CWE-787 | 7.8 (local, low complexity) |
| 2017-07-11 | CVE-2017-11176 | Use After Free vulnerability in multiple products | The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. | linux, debian, CWE-416 | 7.8 (local, low complexity) |
| 2017-07-10 | CVE-2017-11139 | Double Free vulnerability in multiple products | GraphicsMagick 1.3.26 has double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c. | graphicsmagick, debian, CWE-415 | 7.5 (network, low complexity) |
| 2017-07-04 | CVE-2017-10810 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products | Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures. | linux, debian, CWE-772 | 7.5 (network, low complexity) |
| 2017-06-29 | CVE-2017-10672 | Use After Free vulnerability in multiple products | Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call. | xml-libxml-project, debian, CWE-416 | 7.5 (network, low complexity) |
| 2017-06-21 | CVE-2017-9780 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products | In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. | flatpak, debian, CWE-732 | 7.2 (local, low complexity) |
| 2017-06-21 | CVE-2017-9766 | Uncontrolled Recursion vulnerability in multiple products | In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c. | wireshark, debian, CWE-674 | 7.5 (network, low complexity) |
| 2017-06-20 | CVE-2017-7668 | Out-of-bounds Read vulnerability in multiple products | The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. | apache, netapp, redhat, debian, oracle, apple, CWE-125 | 7.5 (network, low complexity) |