High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-21	CVE-2016-0721	Session Fixation vulnerability in multiple products Session fixation vulnerability in pcsd in pcs before 0.9.157. network low complexity clusterlabs redhat fedoraproject CWE-384	8.1
2017-04-21	CVE-2016-0720	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. network low complexity clusterlabs redhat fedoraproject CWE-352	8.8
2017-04-13	CVE-2016-4970	Infinite Loop vulnerability in multiple products handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). network low complexity netty redhat apache CWE-835	7.5
2017-04-12	CVE-2016-4459	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Redhat Enterprise Linux and MOD Cluster Stack-based buffer overflow in native/mod_manager/node.c in mod_cluster 1.2.9. network low complexity redhat CWE-119	7.8
2017-03-31	CVE-2014-5009	Command Injection vulnerability in multiple products Snoopy allows remote attackers to execute arbitrary commands. network low complexity snoopy redhat nagios CWE-77	7.5
2017-03-31	CVE-2014-5008	Command Injection vulnerability in multiple products Snoopy allows remote attackers to execute arbitrary commands. network low complexity snoopy redhat debian CWE-77	7.5
2017-03-31	CVE-2008-7313	Command Injection vulnerability in multiple products The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. network low complexity snoopy redhat nagios CWE-77	7.5
2017-02-03	CVE-2016-10165	Out-of-bounds Read vulnerability in multiple products The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. local low complexity littlecms debian canonical opensuse redhat netapp CWE-125	7.1
2017-01-27	CVE-2016-9636	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'write count' that goes beyond the initialized buffer. network low complexity gstreamer redhat debian CWE-119	7.5
2017-01-27	CVE-2016-9635	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer. network low complexity gstreamer redhat debian CWE-119	7.5