High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-25	CVE-2015-5704	Command Injection vulnerability in multiple products scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. local low complexity devscripts-devel-team fedoraproject CWE-77	7.8
2017-09-20	CVE-2015-5607	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery in the REST API in IPython 2 and 3. network low complexity ipython fedoraproject CWE-352	8.8
2017-09-19	CVE-2015-1854	Improper Access Control vulnerability in multiple products 389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call. network low complexity fedoraproject debian CWE-284	7.5
2017-09-07	CVE-2017-6362	Double Free vulnerability in multiple products Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. network low complexity libgd debian fedoraproject canonical CWE-415	7.5
2017-09-06	CVE-2015-5705	Link Following vulnerability in multiple products Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. network low complexity devscripts-devel-team fedoraproject CWE-59	7.5
2017-08-29	CVE-2017-13752	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13751	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13750	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13749	Reachable Assertion vulnerability in multiple products There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject CWE-617	7.5
2017-08-29	CVE-2017-13748	Missing Release of Resource after Effective Lifetime vulnerability in multiple products There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack. network low complexity jasper-project fedoraproject debian CWE-772	7.5