Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-06	CVE-2019-1551	Integer Overflow or Wraparound vulnerability in multiple products There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. network low complexity openssl opensuse oracle canonical fedoraproject debian tenable CWE-190	5.3
2019-10-23	CVE-2019-3982	Improper Input Validation vulnerability in Tenable Nessus Nessus versions 8.6.0 and earlier were found to contain a Denial of Service vulnerability due to improper validation of specific imported scan types. network low complexity tenable CWE-20	6.5
2019-09-09	CVE-2019-16168	Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." network low complexity sqlite netapp canonical fedoraproject debian tenable oracle mcafee CWE-369	6.5
2019-06-25	CVE-2019-3961	Cross-site Scripting vulnerability in Tenable Nessus Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. network low complexity tenable CWE-79	6.1
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-20	CVE-2019-8331	Cross-site Scripting vulnerability in multiple products In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. network low complexity getbootstrap f5 redhat tenable CWE-79	6.1
2019-02-12	CVE-2019-3923	Cross-site Scripting vulnerability in Tenable Nessus Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input. network low complexity tenable CWE-79	5.4
2018-11-15	CVE-2018-5407	Information Exposure Through Discrepancy vulnerability in multiple products Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. local high complexity canonical debian nodejs openssl tenable oracle redhat CWE-203	4.7
2018-08-02	CVE-2018-1155	Cross-site Scripting vulnerability in Tenable Securitycenter In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS) issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. network low complexity tenable CWE-79	5.4
2018-05-18	CVE-2018-1148	Session Fixation vulnerability in Tenable Nessus In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. network low complexity tenable CWE-384	6.5