High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-23	CVE-2016-9840	inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple nodejs	8.8
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-05-22	CVE-2017-6891	Out-of-bounds Write vulnerability in multiple products Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. network low complexity gnu debian apache CWE-787	8.8
2017-05-22	CVE-2017-2520	Out-of-bounds Write vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple debian CWE-787	7.5
2017-05-22	CVE-2017-2519	Multiple Security vulnerability in Apple iOS/WatchOS/tvOS/macOS An issue was discovered in certain Apple products. network low complexity apple debian	7.5
2017-05-22	CVE-2017-2518	Use After Free vulnerability in multiple products An issue was discovered in certain Apple products. network low complexity apple debian CWE-416	7.5
2017-05-19	CVE-2017-9078	Double Free vulnerability in multiple products The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in cleanup of TCP listeners when the -a option is enabled. network dropbear-ssh-project debian netapp CWE-415	8.5
2017-05-19	CVE-2017-9076	The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. local low complexity linux debian	7.8
2017-05-19	CVE-2017-9075	The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. local low complexity linux debian	7.8
2017-05-17	CVE-2017-8849	Improper Input Validation vulnerability in multiple products smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service. local low complexity smb4k-project debian CWE-20	7.2