High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-04-21	CVE-2016-0721	Session Fixation vulnerability in multiple products Session fixation vulnerability in pcsd in pcs before 0.9.157. network low complexity clusterlabs redhat fedoraproject CWE-384	8.1
2017-04-21	CVE-2016-0720	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. network low complexity clusterlabs redhat fedoraproject CWE-352	8.8
2017-04-14	CVE-2016-6299	Permissions, Privileges, and Access Controls vulnerability in multiple products The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. local low complexity fedoraproject mock-project CWE-264	7.8
2017-04-13	CVE-2015-8567	Memory Leak vulnerability in multiple products Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). network low complexity qemu canonical debian suse opensuse fedoraproject CWE-401	7.7
2017-03-31	CVE-2014-9114	Command Injection vulnerability in multiple products Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. local low complexity opensuse fedoraproject kernel CWE-77	7.8
2017-03-27	CVE-2016-9243	HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size. network low complexity cryptography-io fedoraproject canonical	7.5
2017-03-27	CVE-2017-5330	OS Command Injection vulnerability in multiple products ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. local low complexity fedoraproject kde CWE-78	7.8
2017-03-24	CVE-2016-10132	NULL Pointer Dereference vulnerability in multiple products regexp.c in Artifex Software, Inc. network low complexity artifex fedoraproject CWE-476	7.5
2017-03-23	CVE-2016-9399	Reachable Assertion vulnerability in multiple products The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. network low complexity jasper-project fedoraproject opensuse CWE-617	7.5