Ontap Select Deploy Administration Utility

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-09	CVE-2020-16592	Use After Free vulnerability in multiple products A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. local low complexity gnu netapp fedoraproject CWE-416	5.5
2020-12-09	CVE-2020-16591	Out-of-bounds Read vulnerability in multiple products A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. local low complexity gnu netapp CWE-125	5.5
2020-12-09	CVE-2020-16590	Double Free vulnerability in multiple products A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. local low complexity gnu netapp CWE-415	5.5
2020-06-29	CVE-2020-14145	Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. network openbsd netapp CWE-203	4.3
2020-06-15	CVE-2020-14155	Integer Overflow or Wraparound vulnerability in multiple products libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. network low complexity pcre apple gitlab oracle netapp splunk CWE-190	5.3
2020-06-06	CVE-2020-13871	Use After Free vulnerability in multiple products SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. network low complexity sqlite fedoraproject debian oracle siemens netapp CWE-416	7.5
2020-04-09	CVE-2020-11656	Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. network low complexity sqlite netapp oracle siemens tenable CWE-416	7.5
2020-04-09	CVE-2020-11655	Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. network low complexity sqlite netapp debian canonical oracle siemens tenable CWE-665	5.0
2020-01-21	CVE-2019-20388	Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. network low complexity xmlsoft debian netapp oracle opensuse fedoraproject CWE-401	7.5
2019-12-24	CVE-2019-19956	Memory Leak vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. network low complexity xmlsoft debian oracle fedoraproject canonical netapp siemens CWE-401	7.5