Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2016-07-21	CVE-2016-5469	Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471. local low complexity oracle	5.5
2016-07-21	CVE-2016-5454	Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Verified Boot. local high complexity oracle	6.4
2016-07-21	CVE-2016-5452	Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect confidentiality via vectors related to Verified Boot. local low complexity oracle	5.5
2016-07-21	CVE-2016-3497	Unspecified vulnerability in Oracle Solaris 11.3 Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-5469 and CVE-2016-5471. local low complexity oracle	5.5
2016-07-21	CVE-2016-3453	Unspecified vulnerability in Oracle Solaris 10 Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to Kernel. local low complexity oracle	5.5
2016-07-05	CVE-2016-4956	ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. network low complexity ntp oracle novell suse opensuse siemens	5.3
2016-07-05	CVE-2016-4955	Race Condition vulnerability in multiple products ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time. network high complexity ntp oracle novell suse opensuse siemens CWE-362	5.9
2016-06-20	CVE-2016-2178	Information Exposure Through Discrepancy vulnerability in multiple products The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. local low complexity openssl oracle suse nodejs debian canonical CWE-203	5.5
2016-05-05	CVE-2016-3718	Server-Side Request Forgery (SSRF) vulnerability in multiple products The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. local low complexity redhat imagemagick canonical oracle suse opensuse CWE-918	5.5
2016-05-05	CVE-2016-3715	The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. local low complexity redhat imagemagick canonical oracle suse opensuse	5.5