Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-15	CVE-2020-2574	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle mariadb netapp canonical opensuse	5.9
2020-01-15	CVE-2020-2573	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle canonical netapp	5.9
2020-01-09	CVE-2019-20372	HTTP Request Smuggling vulnerability in multiple products NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. network low complexity f5 apple canonical opensuse netapp CWE-444	5.3
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2019-12-30	CVE-2019-4343	Incorrect Authorization vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which could allow an attacker to transfer private information. network low complexity ibm netapp CWE-863	6.5
2019-12-30	CVE-2019-20095	Memory Leak vulnerability in multiple products mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. local low complexity linux opensuse netapp CWE-401	5.5
2019-12-28	CVE-2019-20054	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. local low complexity linux netapp CWE-476	5.5
2019-12-25	CVE-2019-19966	Use After Free vulnerability in multiple products In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. low complexity linux debian opensuse netapp CWE-416	4.6
2019-12-25	CVE-2019-19965	NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. local high complexity linux debian canonical netapp opensuse CWE-476	4.7
2019-12-24	CVE-2019-19924	Improper Handling of Exceptional Conditions vulnerability in multiple products SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. network low complexity sqlite siemens apache oracle netapp CWE-755	5.3