Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility

DATE CVE VULNERABILITY TITLE RISK
2020-12-09 CVE-2020-16592 Use After Free vulnerability in multiple products
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
local
low complexity
gnu netapp fedoraproject CWE-416
5.5
2020-12-09 CVE-2020-16591 Out-of-bounds Read vulnerability in multiple products
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.
local
low complexity
gnu netapp CWE-125
5.5
2020-12-09 CVE-2020-16590 Double Free vulnerability in multiple products
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.
local
low complexity
gnu netapp CWE-415
5.5
2020-06-29 CVE-2020-14145 Information Exposure Through Discrepancy vulnerability in multiple products
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
4.3
2020-06-15 CVE-2020-14155 Integer Overflow or Wraparound vulnerability in multiple products
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
network
low complexity
pcre apple gitlab oracle netapp splunk CWE-190
5.3
2020-06-06 CVE-2020-13871 Use After Free vulnerability in multiple products
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
7.5
2020-04-09 CVE-2020-11656 Use After Free vulnerability in multiple products
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
network
low complexity
sqlite netapp oracle siemens tenable CWE-416
7.5
2020-04-09 CVE-2020-11655 Improper Initialization vulnerability in multiple products
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
5.0
2020-01-21 CVE-2019-20388 Memory Leak vulnerability in multiple products
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
7.5
2019-12-24 CVE-2019-19956 Memory Leak vulnerability in multiple products
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
7.5