High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-07-17	CVE-2017-1000050	NULL Pointer Dereference vulnerability in multiple products JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. network low complexity jasper-project fedoraproject redhat canonical CWE-476	7.5
2017-07-17	CVE-2017-1000001	Improper Input Validation vulnerability in Fedoraproject Fedmsg FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. network low complexity fedoraproject CWE-20	7.5
2017-06-27	CVE-2016-6342	Improper Access Control vulnerability in multiple products elog 3.1.1 allows remote attackers to post data as any username in the logbook. network low complexity fedoraproject elog-project CWE-284	7.5
2017-06-26	CVE-2017-7496	Improper Handling of Exceptional Conditions vulnerability in Fedoraproject ARM Installer 1.99.16 fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories. local high complexity fedoraproject CWE-755	7.0
2017-06-13	CVE-2016-5391	NULL Pointer Dereference vulnerability in multiple products libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). network low complexity libreswan fedoraproject CWE-476	7.5
2017-06-13	CVE-2016-3704	Credentials Management vulnerability in multiple products Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. network low complexity fedoraproject pulpproject CWE-255	7.5
2017-06-01	CVE-2017-8386	git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. network low complexity git opensuse debian canonical fedoraproject	8.8
2017-05-23	CVE-2016-5177	Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. network low complexity google opensuse debian redhat fedoraproject CWE-416	8.8
2017-04-21	CVE-2016-0721	Session Fixation vulnerability in multiple products Session fixation vulnerability in pcsd in pcs before 0.9.157. network low complexity clusterlabs redhat fedoraproject CWE-384	8.1
2017-04-21	CVE-2016-0720	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. network low complexity clusterlabs redhat fedoraproject CWE-352	8.8