Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-17	CVE-2017-13078	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	5.3
2017-10-17	CVE-2017-13077	Use of Insufficiently Random Values vulnerability in multiple products Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames. high complexity debian freebsd canonical opensuse redhat w1-fi suse CWE-330	6.8
2017-10-03	CVE-2017-14494	Information Exposure vulnerability in multiple products dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. network high complexity redhat debian novell canonical thekelleys CWE-200	5.9
2017-09-19	CVE-2015-7837	7PK - Security Features vulnerability in Redhat products The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot. local low complexity redhat CWE-254	5.5
2017-08-10	CVE-2016-6794	When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. network low complexity apache debian redhat netapp canonical oracle	5.3
2017-08-10	CVE-2016-0762	Information Exposure Through Discrepancy vulnerability in multiple products The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. network high complexity apache canonical debian redhat netapp oracle CWE-203	5.9
2017-08-08	CVE-2017-3651	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). network low complexity oracle mariadb debian redhat	4.3
2017-08-08	CVE-2017-3641	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian redhat mariadb	4.9
2017-08-08	CVE-2017-3636	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). local low complexity oracle debian redhat mariadb	5.3
2017-08-08	CVE-2017-10243	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). network low complexity oracle debian netapp redhat	6.5