Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-08	CVE-2019-10219	Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. network low complexity redhat netapp oracle CWE-79	6.1
2019-11-07	CVE-2019-18805	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. network low complexity linux opensuse redhat netapp broadcom CWE-190 critical	9.8
2019-11-04	CVE-2019-18683	Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. local high complexity linux canonical opensuse netapp broadcom debian CWE-416	7.0
2019-10-21	CVE-2019-17498	Integer Overflow or Wraparound vulnerability in multiple products In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. network low complexity libssh2 fedoraproject opensuse debian netapp CWE-190	8.1
2019-10-21	CVE-2019-18218	Out-of-bounds Write vulnerability in multiple products cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). local low complexity file-project debian opensuse netapp fedoraproject canonical CWE-787	7.8
2019-10-16	CVE-2019-3018	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network high complexity oracle canonical fedoraproject netapp	4.4
2019-10-16	CVE-2019-3011	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). network low complexity oracle canonical fedoraproject netapp	6.5
2019-10-16	CVE-2019-3009	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). network high complexity oracle canonical fedoraproject netapp	4.4
2019-10-16	CVE-2019-3004	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). network low complexity oracle canonical fedoraproject netapp	6.5
2019-10-16	CVE-2019-3003	Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). network low complexity oracle canonical netapp	4.9