Vulnerabilities > Netapp > H300S Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-04 | CVE-2020-13817 | Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. | 5.8 |
2020-05-18 | CVE-2020-13143 | Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | 6.5 |
2020-05-15 | CVE-2020-12888 | Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | 5.3 |
2020-05-09 | CVE-2020-12771 | Improper Locking vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.11. | 4.9 |
2020-05-09 | CVE-2020-12770 | An issue was discovered in the Linux kernel through 5.6.11. | 6.7 |
2020-05-09 | CVE-2020-12769 | Improper Synchronization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.4.17. | 4.9 |
2020-05-08 | CVE-2020-10690 | Use After Free vulnerability in multiple products There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. | 6.4 |
2020-05-05 | CVE-2020-12653 | Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. | 4.6 |
2020-04-29 | CVE-2020-11022 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |
2020-04-29 | CVE-2020-11023 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |