Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-19	CVE-2018-2766	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle canonical mariadb debian netapp	4.9
2018-04-19	CVE-2018-2761	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). network high complexity oracle debian canonical mariadb netapp redhat	5.9
2018-04-19	CVE-2018-2759	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle netapp canonical mariadb	4.9
2018-03-26	CVE-2018-1302	NULL Pointer Dereference vulnerability in multiple products When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. network high complexity apache canonical netapp CWE-476	5.9
2018-03-26	CVE-2018-1301	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. network high complexity apache debian canonical netapp redhat CWE-119	5.9
2018-03-26	CVE-2018-1283	In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. network high complexity apache debian canonical netapp redhat	5.3
2018-03-09	CVE-2016-8612	Improper Input Validation vulnerability in multiple products Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. low complexity apache redhat netapp CWE-20	4.3
2018-03-06	CVE-2018-7170	ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. network high complexity ntp synology netapp hpe	5.3
2018-01-29	CVE-2017-1784	Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. local low complexity ibm netapp CWE-200	5.5
2018-01-29	CVE-2017-1783	Improper Authentication vulnerability in multiple products IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. local low complexity ibm netapp CWE-287	4.0