Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2020-08-03 CVE-2020-8575 Unspecified vulnerability in Netapp Active IQ Unified Manager 7.3/9.5/9.6
Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).
local
low complexity
netapp
2.1
2020-08-03 CVE-2020-8574 Unspecified vulnerability in Netapp Active IQ Unified Manager
Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.
local
low complexity
netapp
4.6
2020-07-30 CVE-2020-16166 Use of Insufficiently Random Values vulnerability in multiple products
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c.
3.7
2020-07-29 CVE-2020-15707 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow.
4.4
2020-07-24 CVE-2020-8174 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
network
nodejs oracle netapp CWE-191
critical
9.3
2020-07-24 CVE-2020-14725 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
4.0
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in multiple products
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
local
low complexity
openbsd netapp broadcom CWE-78
7.8
2020-07-15 CVE-2020-14702 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
netapp canonical oracle
4.9
2020-07-15 CVE-2020-14697 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
oracle netapp canonical
7.2
2020-07-15 CVE-2020-14680 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp canonical oracle
6.5