Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-26	CVE-2017-7658	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. network low complexity eclipse debian oracle hp netapp CWE-444 critical	9.8
2018-06-26	CVE-2017-7657	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. network low complexity eclipse debian netapp hp oracle CWE-444 critical	9.8
2017-10-19	CVE-2017-10285	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). network low complexity oracle debian redhat netapp critical	9.6
2017-10-19	CVE-2017-10346	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). network low complexity oracle redhat netapp debian critical	9.6
2017-05-23	CVE-2016-9841	inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. network low complexity zlib opensuse debian canonical oracle redhat apple netapp nodejs critical	9.8
2016-04-21	CVE-2016-3427	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. network low complexity oracle canonical debian netapp apache redhat suse opensuse critical	9.8