High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-03	CVE-2020-25649	XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. network low complexity fasterxml netapp fedoraproject quarkus apache oracle CWE-611	7.5
2020-12-02	CVE-2020-14305	Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. network high complexity linux netapp CWE-787	8.1
2020-11-28	CVE-2020-29370	Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. local high complexity linux netapp CWE-362	7.0
2020-11-28	CVE-2020-29369	Race Condition vulnerability in multiple products An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. local high complexity linux netapp CWE-362	7.0
2020-11-28	CVE-2020-29368	Race Condition vulnerability in multiple products An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. local high complexity linux netapp CWE-362	7.0
2020-11-18	CVE-2020-28366	Code Injection vulnerability in multiple products Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. network high complexity golang fedoraproject netapp CWE-94	7.5
2020-11-18	CVE-2020-28362	Improper Certificate Validation vulnerability in multiple products Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. network low complexity golang fedoraproject netapp CWE-295	7.5
2020-11-16	CVE-2020-26217	OS Command Injection vulnerability in multiple products XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. network low complexity xstream-project debian netapp apache oracle CWE-78	8.8
2020-11-12	CVE-2020-8760	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. local low complexity intel netapp CWE-190	7.8
2020-11-12	CVE-2020-8754	Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. network low complexity intel netapp CWE-125	7.5