Vulnerabilities > Netapp > Cloud Backup > High

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-28196 Uncontrolled Recursion vulnerability in multiple products
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
network
low complexity
mit fedoraproject netapp oracle CWE-674
7.5
2020-09-10 CVE-2020-25221 Operation on a Resource after Expiration or Release vulnerability in multiple products
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page.
local
low complexity
linux netapp CWE-672
7.8
2020-08-20 CVE-2020-15862 Improper Privilege Management vulnerability in multiple products
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
local
low complexity
net-snmp canonical netapp CWE-269
7.8
2020-08-20 CVE-2020-15861 Link Following vulnerability in multiple products
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
local
low complexity
net-snmp canonical netapp CWE-59
7.8
2020-08-19 CVE-2020-14356 NULL Pointer Dereference vulnerability in multiple products
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system.
7.8
2020-07-20 CVE-2020-15852 Incorrect Default Permissions vulnerability in multiple products
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests.
local
low complexity
linux xen netapp CWE-276
7.8
2020-07-15 CVE-2020-14664 Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX).
network
high complexity
oracle netapp
8.3
2020-07-15 CVE-2020-14593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). 7.4
2020-07-15 CVE-2020-14583 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
2020-06-09 CVE-2020-10757 Type Confusion vulnerability in multiple products
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages.
7.8