Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-29	CVE-2020-12465	Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. local low complexity linux netapp CWE-120	6.7
2020-04-29	CVE-2020-12464	Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. local low complexity linux netapp CWE-416	6.7
2020-04-23	CVE-2020-5865	Cleartext Transmission of Sensitive Information vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. network high complexity f5 netapp CWE-319	4.8
2020-04-15	CVE-2020-2830	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). network low complexity oracle netapp debian fedoraproject opensuse mcafee canonical	5.3
2020-04-15	CVE-2020-2800	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). network high complexity oracle netapp debian fedoraproject opensuse canonical	4.8
2020-04-15	CVE-2020-2781	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). network low complexity oracle debian canonical opensuse fedoraproject mcafee netapp	5.3
2020-04-15	CVE-2020-2767	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network high complexity oracle netapp debian canonical opensuse	4.8
2020-04-13	CVE-2020-1730	NULL Pointer Dereference vulnerability in multiple products A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. network low complexity libssh canonical netapp redhat fedoraproject oracle CWE-476	5.3
2020-04-10	CVE-2020-8832	Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. local low complexity canonical netapp CWE-200	5.5
2020-04-08	CVE-2019-20636	Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. local low complexity linux netapp CWE-787	6.7