High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-24	CVE-2017-3308	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian mariadb redhat	7.7
2017-04-14	CVE-2016-6489	Information Exposure Through Discrepancy vulnerability in multiple products The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. network low complexity redhat canonical nettle-project CWE-203	7.5
2017-04-11	CVE-2016-4989	Command Injection vulnerability in multiple products setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445. local high complexity setroubleshoot-project redhat CWE-77	7.0
2017-04-11	CVE-2016-4446	Command Injection vulnerability in multiple products The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function. local high complexity setroubleshoot-project redhat CWE-77	7.0
2017-04-11	CVE-2016-4445	Command Injection vulnerability in multiple products The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function. local high complexity setroubleshoot-project redhat CWE-77	7.0
2017-04-11	CVE-2016-4444	Command Injection vulnerability in multiple products The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function. local high complexity setroubleshoot-project redhat CWE-77	7.0
2017-02-15	CVE-2016-9560	Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. local low complexity jasper-project debian redhat CWE-787	7.8
2017-02-12	CVE-2017-3302	Use After Free vulnerability in multiple products Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3. network low complexity oracle mariadb debian redhat CWE-416	7.5
2017-02-09	CVE-2017-5848	Out-of-bounds Read vulnerability in multiple products The gst_ps_demux_parse_psm function in gst/mpegdemux/gstmpegdemux.c in gst-plugins-bad in GStreamer allows remote attackers to cause a denial of service (invalid memory read and crash) via vectors involving PSM parsing. network low complexity gstreamer-project debian redhat CWE-125	7.5
2017-02-03	CVE-2016-10165	Out-of-bounds Read vulnerability in multiple products The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. local low complexity littlecms debian canonical opensuse redhat netapp CWE-125	7.1