High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-25	CVE-2019-9162	Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation. local low complexity linux netapp canonical CWE-787	7.8
2019-02-24	CVE-2019-9077	Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU Binutils 2.32. local low complexity gnu netapp canonical f5 CWE-787	7.8
2019-02-24	CVE-2019-9075	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. local low complexity gnu netapp canonical f5 CWE-787	7.8
2019-02-24	CVE-2019-9070	Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. local low complexity gnu netapp canonical f5 CWE-125	7.8
2019-02-22	CVE-2019-9024	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125	7.5
2019-02-22	CVE-2019-9022	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. network low complexity php debian canonical netapp CWE-125	7.5
2019-02-22	CVE-2019-9003	Use After Free vulnerability in multiple products In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop. network low complexity linux netapp canonical opensuse CWE-416	7.5
2019-02-11	CVE-2019-5736	OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78	8.6
2019-02-06	CVE-2019-3823	libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. network low complexity haxx canonical debian netapp oracle	7.5
2019-02-06	CVE-2018-16890	Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. network low complexity haxx canonical debian netapp siemens oracle redhat f5 CWE-190	7.5