Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-29	CVE-2020-11023	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable CWE-79	6.1
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	5.0
2020-04-10	CVE-2020-8832	Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. local low complexity canonical netapp CWE-200	5.5
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2020-02-25	CVE-2020-9391	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. local low complexity linux fedoraproject netapp CWE-787	5.5
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	4.9
2019-08-19	CVE-2019-15223	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel before 5.1.8. low complexity linux netapp canonical CWE-476	4.6
2019-08-19	CVE-2019-15222	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.8. low complexity linux netapp opensuse CWE-476	4.6
2019-08-19	CVE-2019-15221	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel before 5.1.17. low complexity linux netapp canonical debian opensuse CWE-476	4.6
2019-08-19	CVE-2019-15220	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.2.1. low complexity linux netapp canonical debian opensuse CWE-416	4.6