Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-19	CVE-2019-15213	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.3. low complexity linux netapp opensuse CWE-416	4.6
2019-08-19	CVE-2019-15212	Double Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.1.8. low complexity linux netapp canonical debian opensuse CWE-415	4.6
2019-08-19	CVE-2019-15211	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.6. low complexity linux netapp canonical debian opensuse CWE-416	4.6
2019-08-16	CVE-2019-15118	Uncontrolled Recursion vulnerability in multiple products check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. local low complexity linux canonical debian opensuse netapp CWE-674	5.5
2019-08-16	CVE-2019-15098	NULL Pointer Dereference vulnerability in multiple products drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. low complexity linux canonical opensuse netapp debian CWE-476	4.6
2019-07-25	CVE-2019-10184	Missing Authorization vulnerability in multiple products undertow before version 2.0.23.Final is vulnerable to an information leak issue. network low complexity redhat netapp CWE-862	5.0
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3
2019-06-12	CVE-2019-3888	Information Exposure Through Log Files vulnerability in multiple products A vulnerability was found in Undertow web server before 2.0.21. network low complexity redhat netapp CWE-532	5.0
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	5.3