High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-09	CVE-2020-29661	Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom oracle CWE-667	7.8
2020-12-08	CVE-2020-25692	A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. network low complexity openldap redhat netapp	7.5
2020-12-06	CVE-2020-29573	Out-of-bounds Write vulnerability in multiple products sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. network low complexity gnu redhat netapp CWE-787	7.5
2020-12-03	CVE-2020-17527	Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. network low complexity apache netapp debian oracle CWE-200	7.5
2020-12-03	CVE-2020-25649	XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. network low complexity fasterxml netapp fedoraproject quarkus apache oracle CWE-611	7.5
2020-12-02	CVE-2020-14305	An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. network high complexity linux netapp	8.1
2020-11-28	CVE-2020-29370	Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. local high complexity linux netapp CWE-362	7.0
2020-11-28	CVE-2020-29369	Race Condition vulnerability in multiple products An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. local high complexity linux netapp CWE-362	7.0
2020-11-28	CVE-2020-29368	Race Condition vulnerability in multiple products An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. local high complexity linux netapp CWE-362	7.0
2020-11-18	CVE-2020-28366	Code Injection vulnerability in multiple products Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. network high complexity golang fedoraproject netapp CWE-94	7.5