Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-10	CVE-2018-20002	Missing Release of Resource after Effective Lifetime vulnerability in multiple products The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. local low complexity gnu netapp f5 CWE-772	5.5
2018-12-07	CVE-2018-19932	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. local low complexity gnu netapp CWE-190	5.5
2018-08-17	CVE-2018-15473	Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. network low complexity openbsd debian redhat canonical netapp oracle siemens CWE-362	5.3
2017-08-08	CVE-2017-10053	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). network low complexity oracle debian redhat netapp phoenixcontact	5.3