Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-25	CVE-2023-2269	Improper Locking vulnerability in multiple products A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. local low complexity linux fedoraproject debian netapp CWE-667	4.4
2023-04-24	CVE-2023-31084	An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. local low complexity linux fedoraproject debian netapp	5.5
2023-04-19	CVE-2023-20862	Incomplete Cleanup vulnerability in multiple products In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. network low complexity vmware netapp CWE-459	6.3
2023-04-18	CVE-2023-26049	Jetty is a java based web server and servlet engine. network low complexity eclipse debian netapp	5.3
2023-03-30	CVE-2023-27535	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27536	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. network high complexity haxx fedoraproject debian netapp splunk CWE-287	5.9
2023-03-30	CVE-2023-27537	Double Free vulnerability in multiple products A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". network high complexity haxx netapp broadcom splunk CWE-415	5.9
2023-03-30	CVE-2023-27538	Improper Authentication vulnerability in multiple products An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. local low complexity haxx fedoraproject debian netapp broadcom splunk CWE-287	5.5
2023-03-16	CVE-2023-28486	Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in log messages. network low complexity sudo-project netapp CWE-116	5.3
2023-03-16	CVE-2023-28487	Improper Encoding or Escaping of Output vulnerability in multiple products Sudo before 1.9.13 does not escape control characters in sudoreplay output. network low complexity sudo-project netapp CWE-116	5.3