Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-09 | CVE-2020-16593 | NULL Pointer Dereference vulnerability in multiple products A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | 5.5 |
| 2020-12-09 | CVE-2020-16592 | Use After Free vulnerability in multiple products A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | 5.5 |
| 2020-12-09 | CVE-2020-16591 | Out-of-bounds Read vulnerability in multiple products A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. | 5.5 |
| 2020-12-09 | CVE-2020-16590 | Double Free vulnerability in multiple products A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. | 5.5 |
| 2020-06-29 | CVE-2020-14145 | Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. | 4.3 |
| 2020-06-15 | CVE-2020-14155 | Integer Overflow or Wraparound vulnerability in multiple products libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | 5.3 |
| 2020-04-09 | CVE-2020-11655 | Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | 5.0 |
| 2019-11-21 | CVE-2019-17272 | Improper Input Validation vulnerability in Netapp Ontap Select Deploy Administration Utility All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges. | 6.5 |
| 2019-09-24 | CVE-2019-5505 | Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | 5.0 |
| 2019-09-09 | CVE-2019-16168 | Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." | 6.5 |