Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-23	CVE-2020-5865	Cleartext Transmission of Sensitive Information vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. network f5 netapp CWE-319	5.8
2020-04-15	CVE-2020-2830	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). network low complexity oracle netapp debian fedoraproject opensuse mcafee canonical	5.3
2020-04-15	CVE-2020-2816	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network low complexity oracle netapp canonical debian opensuse	5.0
2020-04-15	CVE-2020-2800	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). network high complexity oracle netapp debian fedoraproject opensuse canonical	4.8
2020-04-15	CVE-2020-2781	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). network low complexity oracle debian canonical opensuse fedoraproject mcafee netapp	5.3
2020-04-15	CVE-2020-2767	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network high complexity oracle netapp debian canonical opensuse	4.8
2020-04-13	CVE-2020-1730	NULL Pointer Dereference vulnerability in multiple products A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. network low complexity libssh canonical netapp redhat fedoraproject oracle CWE-476	5.3
2020-04-10	CVE-2020-8832	Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. local low complexity canonical netapp CWE-200	5.5
2020-04-08	CVE-2019-20636	Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. local low complexity linux netapp CWE-787	6.7
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5