Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2018-2602	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). local high complexity oracle redhat debian canonical schneider-electric hp	4.5
2018-01-18	CVE-2018-2599	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). network high complexity oracle redhat debian canonical schneider-electric hp	4.8
2018-01-18	CVE-2018-2588	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). network low complexity oracle redhat debian canonical schneider-electric hp	4.3
2018-01-09	CVE-2017-15129	Race Condition vulnerability in multiple products A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. local high complexity linux fedoraproject canonical redhat CWE-362	4.7
2017-12-07	CVE-2017-15121	Unspecified vulnerability in Redhat products A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary. local low complexity redhat	5.5
2017-11-20	CVE-2017-3157	Information Exposure vulnerability in multiple products By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. local low complexity apache debian redhat CWE-200	5.5
2017-11-04	CVE-2017-16541	Information Exposure vulnerability in multiple products Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vectors involving a crafted web site that leverages file:// mishandling in Firefox, aka TorMoil. network low complexity torproject redhat debian CWE-200	6.5
2017-10-26	CVE-2017-15906	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. network low complexity openbsd oracle debian netapp redhat CWE-732	5.3
2017-10-19	CVE-2017-10384	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle mariadb debian netapp redhat	6.5
2017-10-19	CVE-2017-10379	Incorrect Authorization vulnerability in multiple products Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). network low complexity oracle mariadb debian redhat netapp CWE-863	6.5