Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-24	CVE-2017-5042	Missing Encryption of Sensitive Data vulnerability in multiple products Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent. low complexity google redhat debian CWE-311	5.7
2017-04-24	CVE-2017-5040	V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page. network low complexity google debian redhat	4.3
2017-04-24	CVE-2017-5038	Use After Free vulnerability in multiple products Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. network low complexity google debian redhat CWE-416	6.3
2017-04-24	CVE-2017-5033	Improper Preservation of Permissions vulnerability in multiple products Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android failed to correctly propagate CSP restrictions to local scheme pages, which allowed a remote attacker to bypass content security policy via a crafted HTML page, related to the unsafe-inline keyword. network low complexity google debian redhat CWE-281	4.3
2017-04-24	CVE-2017-3600	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). network high complexity oracle redhat debian mariadb	6.6
2017-04-24	CVE-2017-3464	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle debian redhat mariadb	4.3
2017-04-24	CVE-2017-3456	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian mariadb redhat	4.9
2017-04-24	CVE-2017-3453	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle debian mariadb redhat	6.5
2017-04-19	CVE-2016-5410	Improper Authentication vulnerability in multiple products firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method. local low complexity firewalld redhat CWE-287	5.5
2017-04-11	CVE-2016-5011	The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset. low complexity kernel redhat ibm	4.6