High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-24	CVE-2018-5485	Unspecified vulnerability in Netapp Oncommand Unified Manager 7.2/7.3 NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. local low complexity netapp	7.8
2018-05-18	CVE-2018-11237	Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. local low complexity gnu redhat oracle netapp canonical CWE-787	7.8
2018-05-11	CVE-2018-1258	Incorrect Authorization vulnerability in multiple products Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. network low complexity pivotal-software vmware oracle netapp redhat CWE-863	8.8
2018-04-29	CVE-2018-10549	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-125	8.8
2018-04-29	CVE-2018-10548	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-476	7.5
2018-04-29	CVE-2018-10546	Infinite Loop vulnerability in multiple products An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-835	7.5
2018-04-25	CVE-2018-5486	Missing Authentication for Critical Function vulnerability in Netapp Oncommand Unified Manager 7.2/7.3 NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. local low complexity netapp CWE-306	7.8
2018-04-19	CVE-2018-2826	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp	8.3
2018-04-19	CVE-2018-2825	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle canonical netapp	8.3
2018-04-19	CVE-2018-2755	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). local high complexity oracle debian canonical mariadb netapp redhat	7.7