Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-04 | CVE-2020-13692 | XXE vulnerability in multiple products PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE. | 7.7 |
2020-06-04 | CVE-2020-13817 | Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. | 7.4 |
2020-06-03 | CVE-2020-13379 | Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. | 8.2 |
2020-05-27 | CVE-2020-13630 | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |
2020-05-21 | CVE-2020-8572 | Unspecified vulnerability in Netapp Element Healthtools and Element OS Element OS prior to version 12.0 and Element HealthTools prior to version 2020.04.01.04 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. | 7.5 |
2020-05-11 | CVE-2019-5500 | Unspecified vulnerability in Netapp products Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). | 7.5 |
2020-05-05 | CVE-2020-12653 | Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. | 7.8 |
2020-04-30 | CVE-2020-1752 | Use After Free vulnerability in multiple products A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. | 7.0 |
2020-04-29 | CVE-2020-11884 | Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. | 7.0 |
2020-04-28 | CVE-2020-12243 | Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | 7.5 |