A700S Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-23	CVE-2020-15436	Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. local low complexity linux broadcom netapp CWE-416	6.7
2020-07-24	CVE-2020-15778	OS Command Injection vulnerability in multiple products scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. local low complexity openbsd netapp broadcom CWE-78	7.8
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3
2020-05-09	CVE-2020-12771	Improper Locking vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux debian opensuse canonical netapp oracle CWE-667	5.5
2020-05-09	CVE-2020-12770	An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux fedoraproject canonical debian netapp	6.7
2020-05-09	CVE-2020-12769	Improper Synchronization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.4.17. local low complexity linux debian canonical opensuse netapp CWE-662	5.5
2020-05-05	CVE-2020-12653	Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. local low complexity linux opensuse debian netapp CWE-787	7.8
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-02	CVE-2020-8835	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. local low complexity linux fedoraproject canonical netapp CWE-787	7.8