High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-29	CVE-2017-13750	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13749	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13748	Missing Release of Resource after Effective Lifetime vulnerability in multiple products There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject debian CWE-772	7.5
2017-08-29	CVE-2017-13747	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13746	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-25	CVE-2015-1395	Path Traversal vulnerability in multiple products Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. network low complexity fedoraproject canonical gnu CWE-22	7.8
2017-08-25	CVE-2014-9637	Resource Management Errors vulnerability in multiple products GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file. network fedoraproject mageia canonical gnu CWE-399	7.1
2017-08-23	CVE-2017-11610	Incorrect Default Permissions vulnerability in multiple products The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. network low complexity supervisord fedoraproject debian redhat CWE-276	8.8
2017-08-09	CVE-2015-6816	Improper Authentication vulnerability in multiple products ganglia-web before 3.7.1 allows remote attackers to bypass authentication. network low complexity fedoraproject ganglia CWE-287	7.5
2017-08-09	CVE-2015-3405	Insufficient Entropy vulnerability in multiple products ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. network low complexity ntp debian suse opensuse-project opensuse fedoraproject redhat CWE-331	7.5