Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-15	CVE-2021-27218	Incorrect Conversion between Numeric Types vulnerability in multiple products An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. network low complexity gnome fedoraproject debian netapp broadcom CWE-681	7.5
2021-02-15	CVE-2021-23337	Code Injection vulnerability in multiple products Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. network low complexity lodash oracle netapp siemens CWE-94	6.5
2021-02-08	CVE-2021-21290	Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. local low complexity netty debian quarkus oracle netapp CWE-379	5.5
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2021-01-20	CVE-2021-2011	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle fedoraproject netapp mariadb	5.9
2021-01-20	CVE-2021-2010	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle fedoraproject netapp	4.2
2021-01-20	CVE-2021-2007	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle fedoraproject netapp mariadb	3.7
2021-01-20	CVE-2021-2006	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle fedoraproject netapp	5.3
2021-01-20	CVE-2021-1998	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle fedoraproject netapp	3.8
2021-01-19	CVE-2021-20190	Deserialization of Untrusted Data vulnerability in multiple products A flaw was found in jackson-databind before 2.9.10.7. network high complexity fasterxml netapp apache debian oracle CWE-502	8.1