High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-21	CVE-2015-5219	Incorrect Type Conversion or Cast vulnerability in multiple products The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. network low complexity fedoraproject suse redhat debian canonical ntp novell opensuse siemens oracle CWE-704	7.5
2017-07-21	CVE-2015-5195	Improper Input Validation vulnerability in multiple products ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation. network low complexity fedoraproject redhat debian canonical ntp CWE-20	7.5
2017-07-21	CVE-2015-5194	Improper Input Validation vulnerability in multiple products The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. network low complexity fedoraproject suse redhat debian canonical ntp CWE-20	7.5
2017-07-17	CVE-2017-1000050	NULL Pointer Dereference vulnerability in multiple products JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. network low complexity jasper-project fedoraproject redhat canonical CWE-476	7.5
2017-06-27	CVE-2016-6342	Improper Access Control vulnerability in multiple products elog 3.1.1 allows remote attackers to post data as any username in the logbook. network low complexity fedoraproject elog-project CWE-284	7.5
2017-06-13	CVE-2016-5391	NULL Pointer Dereference vulnerability in multiple products libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). network low complexity libreswan fedoraproject CWE-476	7.5
2017-06-13	CVE-2016-3704	Credentials Management vulnerability in multiple products Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. network low complexity fedoraproject pulpproject CWE-255	7.5
2017-06-01	CVE-2017-8386	git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. network low complexity git opensuse debian canonical fedoraproject	8.8
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-04-21	CVE-2016-2173	Improper Input Validation vulnerability in multiple products org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. network low complexity fedoraproject pivotal-software vmware CWE-20	7.5