Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-08	CVE-2017-10067	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). network high complexity oracle debian redhat netapp	5.1
2017-08-08	CVE-2017-10053	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). network low complexity oracle debian redhat netapp phoenixcontact	5.0
2017-08-07	CVE-2015-7855	Improper Input Validation vulnerability in multiple products The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value. network low complexity ntp debian netapp siemens CWE-20	4.0
2017-08-07	CVE-2015-7854	Classic Buffer Overflow vulnerability in NTP Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file. network low complexity ntp netapp CWE-120	6.5
2017-08-07	CVE-2015-7852	Improper Input Validation vulnerability in NTP ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. network ntp debian netapp oracle redhat CWE-20	4.3
2017-08-07	CVE-2015-7850	Infinite Loop vulnerability in NTP ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. network low complexity ntp debian netapp CWE-835	4.0
2017-08-07	CVE-2015-7849	Use After Free vulnerability in NTP Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets. network low complexity ntp netapp CWE-416	6.5
2017-08-07	CVE-2015-7704	Improper Input Validation vulnerability in multiple products The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. network low complexity ntp debian netapp redhat mcafee citrix CWE-20	5.0
2017-08-07	CVE-2015-7702	Improper Input Validation vulnerability in NTP The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). network low complexity ntp oracle debian netapp redhat CWE-20	4.0
2017-08-07	CVE-2015-7701	Missing Release of Resource after Effective Lifetime vulnerability in NTP Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). network low complexity ntp oracle debian netapp redhat CWE-772	5.0