Storage Automation Store

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-22	CVE-2019-9024	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125	7.5
2019-02-22	CVE-2019-9023	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125 critical	9.8
2019-02-22	CVE-2019-9022	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. network low complexity php debian canonical netapp CWE-125	7.5
2019-02-22	CVE-2019-9021	Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-125 critical	9.8
2019-02-22	CVE-2019-9020	Use After Free vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. network low complexity php debian canonical netapp opensuse CWE-416 critical	9.8
2019-01-31	CVE-2019-6110	Inappropriate Encoding for Output Context vulnerability in multiple products In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. network high complexity openbsd winscp netapp siemens CWE-838	6.8
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2019-01-27	CVE-2019-6977	Out-of-bounds Write vulnerability in multiple products gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. network low complexity libgd php debian canonical netapp CWE-787	8.8