High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-05-09	CVE-2017-3071	Use After Free vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. network low complexity adobe redhat CWE-416	8.8
2017-05-09	CVE-2017-3070	Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class. network low complexity adobe redhat CWE-787	8.8
2017-05-09	CVE-2017-3069	Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. network low complexity adobe redhat CWE-787	8.8
2017-05-09	CVE-2017-3068	Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. network low complexity adobe redhat CWE-787	8.8
2017-04-27	CVE-2017-8291	Type Confusion vulnerability in multiple products Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. local low complexity artifex debian redhat CWE-843	7.8
2017-04-24	CVE-2017-5043	Use After Free vulnerability in multiple products Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension. network low complexity google redhat debian CWE-416	8.8
2017-04-24	CVE-2017-5039	Use After Free vulnerability in multiple products A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. local low complexity google debian redhat CWE-416	7.8
2017-04-24	CVE-2017-5037	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. local low complexity google debian redhat CWE-190	7.8
2017-04-24	CVE-2017-5036	Use After Free vulnerability in multiple products A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file. local low complexity google debian redhat CWE-416	7.8
2017-04-24	CVE-2017-5035	Race Condition vulnerability in multiple products Google Chrome prior to 57.0.2987.98 for Windows and Mac had a race condition, which could cause Chrome to display incorrect certificate information for a site. network high complexity google debian redhat CWE-362	8.1