Openstack

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-19	CVE-2017-10268	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian redhat mariadb netapp	4.1
2017-08-08	CVE-2017-3653	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network oracle debian redhat mariadb	3.5
2017-08-08	CVE-2017-3651	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). network low complexity oracle mariadb debian redhat	4.0
2017-08-08	CVE-2017-3641	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle debian redhat mariadb	4.9
2017-08-08	CVE-2017-3636	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). local low complexity oracle debian redhat mariadb	4.6
2017-08-02	CVE-2017-10664	qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. network low complexity qemu debian redhat	5.0
2017-07-25	CVE-2017-7980	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. local low complexity qemu canonical debian redhat CWE-119	4.6
2017-05-23	CVE-2017-9214	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. network low complexity openvswitch debian redhat CWE-191	7.5
2017-05-23	CVE-2017-8379	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. local low complexity qemu debian redhat CWE-772	4.9
2017-05-23	CVE-2017-8309	Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture. network low complexity qemu debian redhat CWE-772	7.8