Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-04	CVE-2020-13817	Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. network ntp netapp opensuse fujitsu CWE-330	5.8
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-10	CVE-2018-20685	Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . network high complexity openbsd winscp netapp debian canonical redhat oracle fujitsu siemens CWE-863	5.3
2018-01-24	CVE-2018-1000007	libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. network low complexity haxx debian canonical redhat fujitsu	5.0
2013-03-15	CVE-2013-2566	Inadequate Encryption Strength vulnerability in multiple products The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. network oracle fujitsu canonical mozilla CWE-326	4.3