Virtual Diskstation Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-06	CVE-2018-7185	The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. network low complexity ntp synology canonical netapp hpe oracle	7.5
2018-03-06	CVE-2018-7184	ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. network low complexity ntp synology slackware canonical netapp	7.5
2018-03-06	CVE-2018-7170	ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. network high complexity ntp synology netapp hpe	5.3