Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-2922	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). network low complexity oracle canonical netapp	5.3
2019-10-16	CVE-2019-2914	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). network low complexity oracle canonical fedoraproject netapp	6.5
2019-09-17	CVE-2019-4342	Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. network low complexity ibm netapp CWE-79	5.4
2019-09-09	CVE-2019-16168	Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." network low complexity sqlite netapp canonical fedoraproject debian tenable oracle mcafee CWE-369	6.5
2019-08-09	CVE-2019-5498	Unspecified vulnerability in Netapp Oncommand Insight OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. network low complexity netapp	6.5
2019-07-01	CVE-2019-13118	Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. network low complexity xmlsoft opensuse netapp oracle fedoraproject canonical apple CWE-843	5.3
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-04	CVE-2019-7317	Use After Free vulnerability in multiple products png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute. network high complexity libpng debian canonical oracle hpe hp mozilla opensuse netapp redhat CWE-416	5.3
2019-01-16	CVE-2019-2510	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle mariadb redhat netapp canonical	4.9
2019-01-16	CVE-2019-2503	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). high complexity oracle mariadb netapp canonical redhat	6.4