Vulnerabilities > Netapp > Active IQ Unified Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-15 | CVE-2020-14556 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). | 4.8 |
2020-07-15 | CVE-2020-14553 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). | 4.3 |
2020-07-15 | CVE-2020-14550 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). | 5.3 |
2020-07-15 | CVE-2020-14547 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
2020-07-15 | CVE-2020-14540 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). | 4.9 |
2020-07-15 | CVE-2020-14539 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 6.5 |
2020-07-13 | CVE-2019-20907 | Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. | 7.5 |
2020-06-29 | CVE-2020-14145 | Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. | 4.3 |
2020-06-16 | CVE-2020-14195 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). | 6.8 |
2020-06-15 | CVE-2020-4051 | Cross-site Scripting vulnerability in multiple products In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. | 5.4 |