High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-18	CVE-2020-28366	Code Injection vulnerability in multiple products Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. network high complexity golang fedoraproject netapp CWE-94	7.5
2020-11-18	CVE-2020-28362	Improper Certificate Validation vulnerability in multiple products Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. network low complexity golang fedoraproject netapp CWE-295	7.5
2020-11-16	CVE-2020-26217	XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. network low complexity xstream-project debian netapp apache oracle	8.8
2020-11-13	CVE-2020-8583	Unspecified vulnerability in Netapp Element OS and HCI Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session. network low complexity netapp	7.5
2020-11-12	CVE-2020-8760	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. local low complexity intel netapp CWE-190	7.8
2020-11-12	CVE-2020-8754	Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in subsystem for Intel(R) AMT, Intel(R) ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. network low complexity intel netapp CWE-125	7.5
2020-11-12	CVE-2020-8749	Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. low complexity intel netapp CWE-125	8.8
2020-11-12	CVE-2020-8739	Use of potentially dangerous function in Intel BIOS platform sample code for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel netapp	7.8
2020-11-12	CVE-2020-0590	Improper Input Validation vulnerability in multiple products Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel netapp siemens CWE-20	7.8
2020-11-06	CVE-2020-8580	Unspecified vulnerability in Netapp E-Series Santricity OS Controller SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS). network low complexity netapp	7.5