Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-08	CVE-2018-18065	NULL Pointer Dereference vulnerability in multiple products _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. network low complexity net-snmp debian canonical netapp paloaltonetworks CWE-476	4.0
2018-08-17	CVE-2018-15473	Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. network low complexity openbsd debian redhat canonical netapp oracle siemens CWE-362	5.3
2017-09-01	CVE-2016-1895	Use of Externally-Controlled Format String vulnerability in Netapp Data Ontap NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling. network low complexity netapp CWE-134	4.0
2017-08-18	CVE-2017-12859	Improper Input Validation vulnerability in Netapp Data Ontap NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors. network netapp CWE-20	4.3
2017-08-07	CVE-2015-7855	Improper Input Validation vulnerability in multiple products The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value. network low complexity ntp debian netapp siemens CWE-20	4.0
2017-08-07	CVE-2015-7854	Classic Buffer Overflow vulnerability in NTP Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file. network low complexity ntp netapp CWE-120	6.5
2017-08-07	CVE-2015-7852	Improper Input Validation vulnerability in NTP ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. network ntp debian netapp oracle redhat CWE-20	4.3
2017-08-07	CVE-2015-7850	Infinite Loop vulnerability in NTP ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. network low complexity ntp debian netapp CWE-835	4.0
2017-08-07	CVE-2015-7849	Use After Free vulnerability in NTP Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets. network low complexity ntp netapp CWE-416	6.5
2017-08-07	CVE-2015-7704	Improper Input Validation vulnerability in multiple products The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. network low complexity ntp debian netapp redhat mcafee citrix CWE-20	5.0