High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-27	CVE-2020-8579	Unspecified vulnerability in Netapp Clustered Data Ontap 9.7 Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS). network low complexity netapp	7.5
2020-10-23	CVE-2020-27216	In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. local high complexity eclipse netapp oracle apache debian	7.0
2020-10-13	CVE-2020-25645	A flaw was found in the Linux kernel in versions before 5.9-rc7. network low complexity linux debian netapp opensuse canonical	7.5
2020-10-06	CVE-2020-25644	Memory Leak vulnerability in multiple products A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. network low complexity redhat netapp CWE-401	7.5
2020-10-06	CVE-2020-25643	A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware	7.2
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-25	CVE-2020-24718	Missing Authorization vulnerability in multiple products bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. local low complexity freebsd omniosce openindiana netapp CWE-862	8.2
2020-09-23	CVE-2020-10714	A flaw was found in WildFly Elytron version 1.11.3.Final and before. network high complexity redhat netapp	7.5
2020-09-10	CVE-2020-25221	Operation on a Resource after Expiration or Release vulnerability in multiple products get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. local low complexity linux netapp CWE-672	7.8
2020-08-25	CVE-2020-24616	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). network high complexity fasterxml netapp oracle debian CWE-502	8.1