Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-21	CVE-2020-14803	Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). network low complexity oracle netapp debian opensuse	5.0
2020-10-21	CVE-2020-14797	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network oracle netapp opensuse debian	4.3
2020-10-21	CVE-2020-14792	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). network oracle debian netapp mcafee opensuse	5.8
2019-07-02	CVE-2019-5443	Uncontrolled Search Path Element vulnerability in multiple products A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. local haxx oracle netapp CWE-427	4.4
2019-05-10	CVE-2019-5495	7PK - Security Features vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. network low complexity netapp CWE-254	5.0
2019-05-10	CVE-2019-5494	Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. network low complexity netapp CWE-319	5.0
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-01-16	CVE-2019-2539	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). network low complexity oracle netapp redhat	4.9
2019-01-16	CVE-2019-2537	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle canonical debian netapp mariadb redhat	4.0
2019-01-16	CVE-2019-2536	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). local high complexity oracle netapp redhat	5.0