Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-05-02	CVE-2016-10243	Improper Input Validation vulnerability in multiple products TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file. network low complexity debian fedoraproject tug CWE-20 critical	9.8
2017-04-21	CVE-2016-2173	Improper Input Validation vulnerability in multiple products org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. network low complexity fedoraproject vmware CWE-20 critical	9.8
2017-04-21	CVE-2016-0721	Session Fixation vulnerability in multiple products Session fixation vulnerability in pcsd in pcs before 0.9.157. network low complexity clusterlabs redhat fedoraproject CWE-384	8.1
2017-04-21	CVE-2016-0720	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. network low complexity clusterlabs redhat fedoraproject CWE-352	8.8
2017-04-14	CVE-2016-6299	Permissions, Privileges, and Access Controls vulnerability in multiple products The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. local low complexity fedoraproject mock-project CWE-264	7.8
2017-04-13	CVE-2015-8567	Memory Leak vulnerability in multiple products Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). network low complexity qemu canonical debian suse opensuse fedoraproject CWE-401	7.7
2017-04-13	CVE-2015-1839	Data Processing Errors vulnerability in multiple products modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. local low complexity saltstack fedoraproject CWE-19	5.3
2017-04-13	CVE-2015-1838	Data Processing Errors vulnerability in multiple products modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. local low complexity saltstack fedoraproject CWE-19	5.3
2017-03-31	CVE-2014-9114	Command Injection vulnerability in multiple products Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. local low complexity opensuse fedoraproject kernel CWE-77	7.8