Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2021-03-03 CVE-2021-20225 Out-of-bounds Write vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
local
low complexity
gnu redhat fedoraproject netapp CWE-787
6.7
6.7
2021-03-03 CVE-2020-27779 A flaw was found in grub2 in versions prior to 2.06.
local
high complexity
gnu redhat fedoraproject netapp
7.5
7.5
2021-03-03 CVE-2020-27749 Stack-based Buffer Overflow vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
local
low complexity
gnu redhat fedoraproject netapp CWE-121
6.7
6.7
2021-03-03 CVE-2020-25647 Out-of-bounds Write vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06. 		7.6
7.6
2021-03-03 CVE-2020-25632 Use After Free vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06.
local
low complexity
gnu redhat fedoraproject netapp CWE-416
8.2
8.2
2021-03-03 CVE-2020-14372 Incomplete Blacklist vulnerability in multiple products
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled.
local
high complexity
gnu redhat fedoraproject netapp CWE-184
7.5
7.5
2021-02-26 CVE-2020-27618 Infinite Loop vulnerability in multiple products
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
local
low complexity
gnu netapp oracle debian CWE-835
5.5
5.5
2021-02-26 CVE-2020-27223 Resource Exhaustion vulnerability in multiple products
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e.
network
low complexity
eclipse apache netapp debian oracle CWE-400
5.3
5.3
2021-02-23 CVE-2021-20220 HTTP Request Smuggling vulnerability in multiple products
A flaw was found in Undertow. 		5.8
5.8
2021-02-23 CVE-2021-20226 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the io_uring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations on the object by not incrementing the file reference counter while in use.
local
low complexity
linux netapp CWE-416
7.8
7.8