High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-18	CVE-2020-10673	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). network low complexity fasterxml debian netapp oracle	8.8
2020-03-18	CVE-2020-10672	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). network low complexity fasterxml debian netapp oracle	8.8
2020-03-16	CVE-2020-7919	Improper Certificate Validation vulnerability in multiple products Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate. network low complexity golang debian fedoraproject netapp CWE-295	7.5
2020-03-05	CVE-2020-9402	SQL Injection vulnerability in multiple products Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. network low complexity djangoproject debian fedoraproject netapp canonical CWE-89	8.8
2020-02-26	CVE-2019-17275	Unspecified vulnerability in Netapp Oncommand Cloud Manager OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers. network low complexity netapp	7.5
2020-02-26	CVE-2019-17274	Insecure Default Initialization of Resource vulnerability in Netapp products NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x prior to 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access. local low complexity netapp CWE-1188	7.2
2020-02-25	CVE-2020-9383	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. local low complexity linux debian opensuse canonical netapp CWE-125	7.1
2020-02-04	CVE-2019-9674	Resource Exhaustion vulnerability in multiple products Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. network low complexity python canonical netapp CWE-400	7.5
2020-01-21	CVE-2020-7595	Infinite Loop vulnerability in multiple products xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. network low complexity xmlsoft fedoraproject canonical debian siemens netapp oracle CWE-835	7.5
2020-01-21	CVE-2019-20388	Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. network low complexity xmlsoft debian netapp oracle opensuse fedoraproject CWE-401	7.5