Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-26	CVE-2020-27223	Resource Exhaustion vulnerability in multiple products In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. network low complexity eclipse apache netapp debian oracle CWE-400	5.3
2020-12-09	CVE-2020-16599	NULL Pointer Dereference vulnerability in multiple products A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. local low complexity gnu netapp CWE-476	5.5
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9
2020-10-21	CVE-2020-14803	Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). network low complexity oracle netapp debian opensuse	5.0
2020-10-21	CVE-2020-14797	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network oracle netapp opensuse debian	4.3
2020-10-21	CVE-2020-14792	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). network oracle debian netapp mcafee opensuse	5.8
2020-10-21	CVE-2020-14781	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). network oracle netapp debian opensuse	4.3
2020-06-29	CVE-2020-14145	Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. network openbsd netapp CWE-203	4.3
2020-06-12	CVE-2020-10732	Use of Uninitialized Resource vulnerability in multiple products A flaw was found in the Linux kernel's implementation of Userspace core dumps. local low complexity linux opensuse canonical netapp CWE-908	4.4
2020-06-04	CVE-2020-13817	Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. network ntp netapp opensuse fujitsu CWE-330	5.8