Vulnerabilities > Netapp > HCI Storage Node

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-14798 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian opensuse
3.1
3.1
2020-10-21 CVE-2020-14797 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp opensuse debian
3.7
3.7
2020-10-21 CVE-2020-14796 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp opensuse debian
3.1
3.1
2020-10-21 CVE-2020-14792 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot).
network
high complexity
oracle debian netapp mcafee opensuse
4.2
4.2
2020-10-21 CVE-2020-14781 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI).
network
high complexity
oracle netapp debian opensuse
3.7
3.7
2020-10-21 CVE-2020-14779 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
network
high complexity
oracle debian fedoraproject opensuse netapp
3.7
3.7
2020-09-27 CVE-2020-26116 Injection vulnerability in multiple products
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. 		7.2
7.2
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in multiple products
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
local
low complexity
openbsd netapp broadcom CWE-78
7.8
7.8
2020-06-29 CVE-2020-14145 Information Exposure Through Discrepancy vulnerability in multiple products
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
network
high complexity
openbsd netapp CWE-203
5.9
5.9
2019-11-30 CVE-2019-19462 NULL Pointer Dereference vulnerability in multiple products
relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.
local
low complexity
linux netapp canonical opensuse debian CWE-476
5.5
5.5