Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-18	CVE-2018-11237	Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. local low complexity gnu redhat oracle netapp canonical CWE-787	4.6
2018-05-16	CVE-2018-11212	Divide By Zero vulnerability in multiple products An issue was discovered in libjpeg 9a and 9d. network ijg debian canonical netapp oracle redhat opensuse CWE-369	4.3
2018-05-11	CVE-2018-1258	Incorrect Authorization vulnerability in multiple products Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. network low complexity pivotal-software vmware oracle netapp redhat CWE-863	6.5
2018-04-29	CVE-2018-10549	Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network php canonical debian netapp CWE-125	6.8
2018-04-29	CVE-2018-10548	NULL Pointer Dereference vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-476	5.0
2018-04-29	CVE-2018-10547	Cross-site Scripting vulnerability in PHP An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network php canonical debian netapp CWE-79	4.3
2018-04-29	CVE-2018-10546	Infinite Loop vulnerability in PHP An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. network low complexity php canonical debian netapp CWE-835	5.0
2018-04-25	CVE-2018-5486	Missing Authentication for Critical Function vulnerability in Netapp Oncommand Unified Manager NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. local low complexity netapp linux CWE-306	4.6
2018-04-19	CVE-2018-2846	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). network low complexity oracle canonical netapp	4.0
2018-04-19	CVE-2018-2839	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). network low complexity oracle canonical netapp	4.0