Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-06	CVE-2018-7184	ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. network low complexity ntp synology slackware canonical netapp	5.0
2018-03-06	CVE-2018-7182	Out-of-bounds Read vulnerability in multiple products The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. network low complexity ntp canonical netapp CWE-125	5.0
2018-03-06	CVE-2017-15519	Improper Authentication vulnerability in Netapp Snapcenter Server 2.0/3.0/3.0.1 Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. network low complexity netapp CWE-287	6.4
2018-01-18	CVE-2018-2668	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle mariadb debian canonical netapp redhat	6.8
2018-01-18	CVE-2018-2665	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle mariadb debian canonical netapp redhat	6.8
2018-01-18	CVE-2018-2640	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle mariadb debian canonical netapp redhat	6.8
2018-01-18	CVE-2018-2622	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle mariadb debian canonical netapp redhat	6.8
2018-01-18	CVE-2018-2581	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). network low complexity oracle redhat netapp	4.7
2018-01-04	CVE-2017-5753	Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. local intel canonical debian oracle synology opensuse suse arm pepperl-fuchs netapp phoenixcontact siemens vmware CWE-203	4.7
2017-12-18	CVE-2017-14583	Improper Input Validation vulnerability in Netapp Clustered Data Ontap 9.0/9.1/9.2 NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments. network low complexity netapp CWE-20	4.0