Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-15	CVE-2020-14556	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network high complexity oracle fedoraproject opensuse debian canonical netapp	4.8
2020-07-15	CVE-2020-14553	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). network low complexity oracle netapp fedoraproject canonical	4.3
2020-07-15	CVE-2020-14550	Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). network high complexity oracle netapp fedoraproject canonical mariadb	5.3
2020-07-15	CVE-2020-14547	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle netapp fedoraproject canonical	4.9
2020-07-15	CVE-2020-14540	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). network low complexity oracle netapp fedoraproject canonical	4.9
2020-07-15	CVE-2020-14539	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle netapp fedoraproject canonical	6.5
2020-07-13	CVE-2019-20907	Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. network low complexity python opensuse debian fedoraproject canonical netapp oracle CWE-835	7.5
2020-06-29	CVE-2020-14145	Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. network openbsd netapp CWE-203	4.3
2020-06-16	CVE-2020-14195	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). network fasterxml netapp debian oracle CWE-502	6.8
2020-06-15	CVE-2020-4051	Cross-site Scripting vulnerability in multiple products In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. network low complexity openjsf debian netapp CWE-79	5.4