Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-18	CVE-2023-21962	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). network low complexity oracle fedoraproject netapp	4.9
2023-04-18	CVE-2023-21967	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). network high complexity oracle netapp debian	5.9
2023-04-18	CVE-2023-21971	Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). network high complexity oracle netapp	5.3
2023-03-30	CVE-2023-27535	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27536	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27537	Double Free vulnerability in multiple products A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". network high complexity haxx netapp broadcom splunk CWE-415	5.9
2023-03-30	CVE-2023-27538	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. local low complexity haxx fedoraproject debian netapp broadcom splunk CWE-287	5.5
2023-03-16	CVE-2023-28486	Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in log messages. network low complexity sudo-project netapp CWE-116	5.3
2023-03-16	CVE-2023-28487	Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in sudoreplay output. network low complexity sudo-project netapp CWE-116	5.3
2023-02-28	CVE-2022-23239	Cross-site Scripting vulnerability in Netapp Active IQ Unified Manager Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack. network low complexity netapp CWE-79	4.8