9.11p1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-07	CVE-2019-17267	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml netapp debian redhat oracle CWE-502 critical	9.8
2019-10-01	CVE-2019-16943	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat oracle netapp CWE-502 critical	9.8
2019-10-01	CVE-2019-16942	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat netapp oracle CWE-502 critical	9.8
2019-09-09	CVE-2019-16168	Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." network low complexity sqlite netapp canonical fedoraproject debian tenable oracle mcafee CWE-369	6.5
2019-07-29	CVE-2019-14379	SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. network low complexity fasterxml debian netapp fedoraproject redhat oracle apple critical	9.8
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-06	CVE-2019-3822	Out-of-bounds Write vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. network low complexity haxx canonical debian netapp siemens oracle redhat CWE-787 critical	9.8
2018-12-20	CVE-2018-1000873	Improper Input Validation vulnerability in multiple products Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). network low complexity fasterxml oracle netapp CWE-20	6.5
2018-01-18	CVE-2018-2638	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle redhat netapp	8.3
2018-01-18	CVE-2018-2627	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). local high complexity oracle redhat netapp	7.5