Vulnerabilities > Netapp > Cloud Backup > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-06 | CVE-2020-28196 | Uncontrolled Recursion vulnerability in multiple products MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | 7.5 |
2020-09-10 | CVE-2020-25221 | Operation on a Resource after Expiration or Release vulnerability in multiple products get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. | 7.8 |
2020-08-20 | CVE-2020-15862 | Improper Privilege Management vulnerability in multiple products Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | 7.8 |
2020-08-20 | CVE-2020-15861 | Link Following vulnerability in multiple products Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. | 7.8 |
2020-08-19 | CVE-2020-14356 | NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. | 7.8 |
2020-07-20 | CVE-2020-15852 | Incorrect Default Permissions vulnerability in multiple products An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. | 7.8 |
2020-06-09 | CVE-2020-10757 | Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. | 7.8 |
2020-06-06 | CVE-2020-13871 | Use After Free vulnerability in multiple products SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. | 7.5 |
2020-06-04 | CVE-2020-13817 | Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. | 7.4 |
2020-05-27 | CVE-2020-13630 | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |