Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-18	CVE-2018-3058	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). network low complexity oracle netapp canonical debian mariadb redhat	4.3
2018-07-18	CVE-2018-3056	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle netapp canonical	4.3
2018-07-18	CVE-2018-3054	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle netapp canonical	4.9
2018-07-18	CVE-2018-2973	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). network high complexity oracle redhat netapp hp	5.9
2018-07-18	CVE-2018-2940	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). network low complexity oracle hp redhat netapp	4.3
2018-07-10	CVE-2018-3693	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. local high complexity intel arm oracle schneider-electric netapp redhat fujitsu	5.6
2018-07-05	CVE-2018-8026	XXE vulnerability in multiple products This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). local low complexity apache netapp CWE-611	5.5
2018-06-22	CVE-2017-7568	Information Exposure vulnerability in Netapp Oncommand Unified Manager 5.1/5.2.1/5.2.2 NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface. network high complexity netapp CWE-200	5.3
2018-06-11	CVE-2018-12099	Cross-site Scripting vulnerability in multiple products Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. network low complexity grafana netapp CWE-79	6.1
2018-06-07	CVE-2018-3721	lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. network low complexity lodash netapp	6.5