Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-15	CVE-2016-7103	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. network low complexity jqueryui oracle fedoraproject netapp redhat juniper debian CWE-79	6.1
2017-02-15	CVE-2017-0318	Improper Input Validation vulnerability in Nvidia GPU Driver All versions of NVIDIA Linux GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper validation of an input parameter may cause a denial of service on the system. local low complexity nvidia freebsd microsoft oracle CWE-20	4.9
2017-02-15	CVE-2017-0310	Improper Privilege Management vulnerability in Nvidia GPU Driver All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer handler where improper access controls allowing unprivileged user to cause a denial of service. local low complexity nvidia freebsd linux microsoft oracle CWE-269	4.9
2017-02-12	CVE-2017-3302	Use After Free vulnerability in multiple products Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. network low complexity oracle mariadb debian redhat CWE-416	5.0
2017-02-01	CVE-2016-8977	Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could disclose sensitive information to an unauthorized user using HTTP GET requests. network low complexity ibm hp linux microsoft oracle CWE-200	5.0
2017-02-01	CVE-2016-8966	Information Exposure vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. network ibm hp linux microsoft oracle CWE-200	4.3
2017-02-01	CVE-2016-8961	Open Redirect vulnerability in IBM Bigfix Inventory and License Metric Tool IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. network ibm hp linux microsoft oracle CWE-601	5.8
2017-01-30	CVE-2016-2518	Out-of-bounds Read vulnerability in multiple products The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. network low complexity ntp debian netapp oracle redhat freebsd siemens CWE-125	5.0
2017-01-30	CVE-2015-7977	NULL Pointer Dereference vulnerability in multiple products ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. network ntp oracle siemens netapp freebsd fedoraproject debian canonical CWE-476	4.3
2017-01-27	CVE-2017-3443	Remote Security vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: User Interface). network oracle	5.8