Vulnerabilities > Netapp > Active IQ Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2020-05-15 CVE-2020-12888 Improper Handling of Exceptional Conditions vulnerability in multiple products
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3
2020-05-09 CVE-2020-12771 Improper Locking vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.11.
4.9
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
2020-05-09 CVE-2020-12769 Improper Synchronization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.4.17.
local
low complexity
linux debian canonical opensuse netapp CWE-662
4.9
2020-05-08 CVE-2020-10690 Use After Free vulnerability in multiple products
There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation.
6.4
2020-05-05 CVE-2020-12659 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.7.
local
low complexity
linux netapp CWE-787
6.7
2020-05-05 CVE-2020-12653 Out-of-bounds Write vulnerability in multiple products
An issue was found in Linux kernel before 5.5.4.
local
low complexity
linux opensuse debian netapp CWE-787
4.6
2020-04-30 CVE-2020-1752 Use After Free vulnerability in multiple products
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out.
local
high complexity
gnu canonical netapp debian CWE-416
7.0
2020-04-29 CVE-2020-12465 Classic Buffer Overflow vulnerability in multiple products
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf.
local
low complexity
linux netapp CWE-120
6.7
2020-04-29 CVE-2020-12464 Use After Free vulnerability in multiple products
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
local
low complexity
linux netapp CWE-416
6.7