Cloud Backup

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-09	CVE-2020-12770	An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux fedoraproject canonical debian netapp	6.7
2020-05-09	CVE-2020-12769	Improper Synchronization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.4.17. local low complexity linux debian canonical opensuse netapp CWE-662	5.5
2020-05-05	CVE-2020-12659	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. local low complexity linux netapp CWE-787	6.7
2020-05-05	CVE-2020-12653	Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. local low complexity linux opensuse debian netapp CWE-787	7.8
2020-04-29	CVE-2020-12465	Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. local low complexity linux netapp CWE-120	6.7
2020-04-29	CVE-2020-12464	Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. local low complexity linux netapp CWE-416	6.7
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	7.5
2020-04-23	CVE-2020-5867	Download of Code Without Integrity Check vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP instead of HTTPS to check and install packages network high complexity f5 netapp CWE-494	8.1
2020-04-23	CVE-2020-5865	Cleartext Transmission of Sensitive Information vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. network high complexity f5 netapp CWE-319	4.8