Vulnerabilities > Netapp > Medium

DATE | CVE | VULNERABILITY TITLE | RISK

2019-02-24 | CVE-2019-9072 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products | 5.5
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local, low complexity; gnu, netapp; CWE-770

2019-02-24 | CVE-2019-9071 | Uncontrolled Recursion vulnerability in multiple products | 5.5
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32.
local, low complexity; gnu, netapp, canonical; CWE-674

2019-02-04 | CVE-2019-7317 | Use After Free vulnerability in multiple products | 5.3
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

2019-02-01 | CVE-2018-5498 | Improper Input Validation vulnerability in Netapp Clustered Data Ontap | 4.4
Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments.
network, high complexity; netapp; CWE-20

2019-01-31 | CVE-2019-6110 | Inappropriate Encoding for Output Context vulnerability in multiple products | 6.8
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.
network, high complexity; openbsd, winscp, netapp, siemens; CWE-838

2019-01-31 | CVE-2019-6109 | Improper Encoding or Escaping of Output vulnerability in multiple products | 6.8
An issue was discovered in OpenSSH 7.9.

2019-01-30 | CVE-2018-17189 | Resource Exhaustion vulnerability in multiple products | 5.3
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data.

2019-01-24 | CVE-2018-5497 | Information Exposure vulnerability in Netapp Clustered Data Ontap | 4.4
Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
local, low complexity; netapp; CWE-200

2019-01-16 | CVE-2018-5736 | Reachable Assertion vulnerability in multiple products | 5.3
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession.
network, high complexity; isc, netapp; CWE-617

2019-01-16 | CVE-2017-3140 | Resource Exhaustion vulnerability in multiple products | 5.9
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query.
network, high complexity; isc, netapp; CWE-400