High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-08	CVE-2017-10067	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). network high complexity oracle debian redhat netapp	7.5
2017-08-07	CVE-2015-7704	Improper Input Validation vulnerability in multiple products The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. network low complexity ntp debian netapp redhat mcafee citrix CWE-20	7.5
2017-08-07	CVE-2015-7701	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). network low complexity ntp oracle debian netapp redhat CWE-772	7.5
2017-08-07	CVE-2015-7692	Improper Input Validation vulnerability in multiple products The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). network low complexity ntp oracle debian netapp redhat CWE-20	7.5
2017-08-07	CVE-2015-7691	Improper Input Validation vulnerability in multiple products The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. network low complexity ntp oracle debian netapp redhat CWE-20	7.5
2017-08-02	CVE-2017-10664	qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. network low complexity qemu debian redhat	7.5
2017-07-27	CVE-2016-8743	Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. network low complexity apache netapp debian redhat	7.5
2017-07-25	CVE-2017-7980	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. local low complexity qemu canonical debian redhat CWE-119	7.8
2017-07-24	CVE-2015-7703	Improper Input Validation vulnerability in multiple products The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. network low complexity ntp oracle debian netapp redhat CWE-20	7.5
2017-07-21	CVE-2015-5300	7PK - Time and State vulnerability in multiple products The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart). network low complexity fedoraproject suse opensuse redhat debian canonical ntp CWE-361	7.5