High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-04	CVE-2020-13692	XXE vulnerability in multiple products PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. network high complexity postgresql quarkus netapp fedoraproject debian CWE-611	7.7
2020-06-04	CVE-2020-13817	Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. network high complexity ntp netapp opensuse fujitsu CWE-330	7.4
2020-06-03	CVE-2020-13379	Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. network low complexity grafana fedoraproject netapp opensuse CWE-918	8.2
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0
2020-05-21	CVE-2020-8572	Unspecified vulnerability in Netapp Element Healthtools and Element OS Element OS prior to version 12.0 and Element HealthTools prior to version 2020.04.01.04 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. network low complexity netapp	7.5
2020-05-11	CVE-2019-5500	Unspecified vulnerability in Netapp products Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). network low complexity netapp	7.5
2020-05-05	CVE-2020-12653	Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. local low complexity linux opensuse debian netapp CWE-787	7.8
2020-04-30	CVE-2020-1752	Use After Free vulnerability in multiple products A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. local high complexity gnu canonical netapp debian CWE-416	7.0
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	7.5