High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-14	CVE-2020-8285	Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. network low complexity haxx debian fedoraproject netapp apple oracle fujitsu siemens splunk CWE-674	7.5
2020-12-11	CVE-2020-27786	A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. local low complexity linux redhat netapp	7.8
2020-12-09	CVE-2020-29661	Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom oracle CWE-667	7.8
2020-12-08	CVE-2020-25692	A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. network low complexity openldap redhat netapp	7.5
2020-12-06	CVE-2020-29573	Out-of-bounds Write vulnerability in multiple products sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. network low complexity gnu redhat netapp CWE-787	7.5
2020-12-03	CVE-2020-17527	Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. network low complexity apache netapp debian oracle CWE-200	7.5
2020-12-03	CVE-2020-25649	XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. network low complexity fasterxml netapp fedoraproject quarkus apache oracle CWE-611	7.5
2020-12-02	CVE-2020-14305	An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. network high complexity linux netapp	8.1
2020-11-28	CVE-2020-29370	Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. local high complexity linux netapp CWE-362	7.0
2020-11-28	CVE-2020-29369	Race Condition vulnerability in multiple products An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. local high complexity linux netapp CWE-362	7.0