Vulnerabilities > Oracle > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-12-30 CVE-2018-20584 JasPer 2.0.14 allows remote attackers to cause a denial of service (application hang) via an attempted conversion to the jp2 format.
network
low complexity
jasper-project debian oracle
6.5
2018-12-20 CVE-2018-1000873 Improper Input Validation vulnerability in multiple products
FasterXML Jackson versions before 2.9.8 contain a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in a denial of service (DoS).
network
low complexity
fasterxml oracle netapp CWE-20
6.5
2018-12-13 CVE-2018-19439 Cross-site Scripting vulnerability in Oracle Secure Global Desktop 4.4
XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4).
network
oracle CWE-79
4.3
2018-12-05 CVE-2018-19754 Missing Authorization vulnerability in Oracle Tarantella Enterprise
Tarantella Enterprise before 3.11 allows bypassing Access Control.
network
low complexity
oracle CWE-862
6.5
2018-12-05 CVE-2018-19753 Path Traversal vulnerability in Oracle Tarantella Enterprise
Tarantella Enterprise before 3.11 allows Directory Traversal.
network
low complexity
oracle CWE-22
5.0
2018-11-16 CVE-2018-15769 RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue.
network
low complexity
dell oracle
5.0
2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
4.7
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-19 CVE-2018-18224 Out-of-bounds Read vulnerability in multiple products
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer.
5.8