High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-20	CVE-2020-15862	Improper Privilege Management vulnerability in multiple products Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. local low complexity net-snmp canonical netapp CWE-269	7.8
2020-08-20	CVE-2020-15861	Link Following vulnerability in multiple products Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. local low complexity net-snmp canonical netapp CWE-59	7.8
2020-08-19	CVE-2020-14356	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. local low complexity linux redhat opensuse debian canonical netapp CWE-476	7.8
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5
2020-08-03	CVE-2020-8574	Unspecified vulnerability in Netapp Active IQ Unified Manager 7.3 Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users. local low complexity netapp	7.8
2020-07-24	CVE-2020-8174	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. network high complexity nodejs oracle netapp CWE-191	8.1
2020-07-24	CVE-2020-15778	OS Command Injection vulnerability in multiple products scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. local low complexity openbsd netapp broadcom CWE-78	7.8
2020-07-20	CVE-2020-15852	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. local low complexity linux xen netapp CWE-276	7.8
2020-07-15	CVE-2020-14697	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). network low complexity oracle netapp canonical	7.2
2020-07-15	CVE-2020-14678	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). network low complexity netapp canonical oracle	7.2