Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-17	CVE-2018-15473	Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. network low complexity openbsd debian redhat canonical netapp oracle siemens CWE-362	5.3
2018-08-07	CVE-2018-15132	Information Exposure vulnerability in PHP An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. network low complexity php netapp CWE-200	5.0
2018-08-03	CVE-2018-5490	Incorrect Permission Assignment for Critical Resource vulnerability in Netapp Clustered Data Ontap Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. network low complexity netapp CWE-732	6.5
2018-08-03	CVE-2018-5489	Incorrect Authorization vulnerability in Netapp 7-Mode Transition Tool NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. network low complexity netapp CWE-863	4.0
2018-08-03	CVE-2018-14884	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. network low complexity php netapp CWE-476	5.0
2018-08-03	CVE-2018-14883	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. network low complexity php canonical debian netapp CWE-125	5.0
2018-08-02	CVE-2018-14851	Out-of-bounds Read vulnerability in PHP exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file. network php canonical debian netapp CWE-125	4.3
2018-08-02	CVE-2017-9118	Out-of-bounds Read vulnerability in multiple products PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. network low complexity php netapp CWE-125	5.0
2018-07-31	CVE-2017-13652	Improper Input Validation vulnerability in Netapp Oncommand Insight NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface. network netapp CWE-20	4.3
2018-07-18	CVE-2018-3081	Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). network oracle netapp canonical debian mariadb redhat	4.9