High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-06	CVE-2018-16890	Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. network low complexity haxx canonical debian netapp siemens oracle redhat f5 CWE-190	7.5
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-28	CVE-2019-3462	Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. network high complexity debian canonical netapp	8.1
2019-01-27	CVE-2019-6977	Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. network low complexity libgd php debian canonical netapp CWE-787	8.8
2019-01-22	CVE-2019-6260	The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator). network low complexity aspeedtech netapp	7.5
2019-01-16	CVE-2017-3145	Use After Free vulnerability in multiple products BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. network low complexity isc redhat debian netapp juniper CWE-416	7.5
2019-01-16	CVE-2019-2534	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). network low complexity oracle canonical netapp redhat	7.1
2018-12-07	CVE-2018-19931	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. local low complexity gnu netapp canonical CWE-787	7.8
2018-11-14	CVE-2018-5495	Unspecified vulnerability in Netapp Storagegrid Webscale All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node. network low complexity netapp	7.5
2018-10-04	CVE-2018-5492	Improper Input Validation vulnerability in Netapp E-Series Santricity OS Controller 11.0.0 NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution. network low complexity netapp CWE-20	7.5