Vulnerabilities > Netapp > Cloud Backup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-10 | CVE-2021-32399 | Race Condition vulnerability in multiple products net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | 4.4 |
| 2021-05-10 | CVE-2020-13529 | Authentication Bypass by Spoofing vulnerability in multiple products An exploitable denial-of-service vulnerability exists in Systemd 245. | 6.1 |
| 2021-05-06 | CVE-2020-35519 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. | 7.8 |
| 2021-05-06 | CVE-2021-3501 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.12. | 3.6 |
| 2021-05-05 | CVE-2021-29489 | Cross-site Scripting vulnerability in multiple products Highcharts JS is a JavaScript charting library based on SVG. | 3.5 |
| 2021-04-29 | CVE-2021-31879 | Open Redirect vulnerability in multiple products GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007. | 5.8 |
| 2021-04-29 | CVE-2021-25215 | Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. | 7.5 |
| 2021-04-29 | CVE-2021-25216 | Out-of-bounds Read vulnerability in multiple products In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. | 6.8 |
| 2021-04-29 | CVE-2021-25214 | Reachable Assertion vulnerability in multiple products In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. | 6.5 |
| 2021-04-22 | CVE-2021-23133 | Race Condition vulnerability in multiple products A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. | 7.0 |