Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-25	CVE-2015-5221	Use After Free vulnerability in multiple products Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file. local low complexity fedoraproject opensuse-project opensuse jasper-project CWE-416	5.5
2017-07-21	CVE-2015-5300	7PK - Time and State vulnerability in multiple Linux Systems The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). network low complexity fedoraproject suse opensuse redhat debian canonical ntp CWE-361	5.0
2017-07-06	CVE-2017-8932	Incorrect Calculation vulnerability in multiple products A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. network high complexity golang fedoraproject novell opensuse CWE-682	5.9
2017-06-13	CVE-2016-3696	Information Exposure vulnerability in multiple products The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key. local low complexity fedoraproject pulpproject CWE-200	5.5
2017-06-06	CVE-2016-9960	Divide By Zero vulnerability in multiple products game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). local low complexity game-music-emu-project fedoraproject opensuse-project opensuse novell CWE-369	5.5
2017-04-13	CVE-2015-8567	Memory Leak vulnerability in multiple products Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). network low complexity qemu canonical debian suse opensuse fedoraproject CWE-401	6.8
2017-04-13	CVE-2015-1839	Data Processing Errors vulnerability in multiple products modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. local low complexity saltstack fedoraproject CWE-19	4.6
2017-04-13	CVE-2015-1838	Data Processing Errors vulnerability in multiple products modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. local low complexity saltstack fedoraproject CWE-19	4.6
2017-03-28	CVE-2016-8884	NULL Pointer Dereference vulnerability in multiple products The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. local low complexity jasper-project fedoraproject CWE-476	5.5
2017-03-23	CVE-2016-8887	NULL Pointer Dereference vulnerability in multiple products The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference). local low complexity jasper-project fedoraproject CWE-476	5.5