Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-09	CVE-2020-16593	NULL Pointer Dereference vulnerability in multiple products A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. local low complexity gnu netapp CWE-476	5.5
2020-12-09	CVE-2020-16592	Use After Free vulnerability in multiple products A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. local low complexity gnu netapp fedoraproject CWE-416	5.5
2020-12-09	CVE-2020-16591	Out-of-bounds Read vulnerability in multiple products A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. local low complexity gnu netapp CWE-125	5.5
2020-12-09	CVE-2020-16590	Double Free vulnerability in multiple products A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. local low complexity gnu netapp CWE-415	5.5
2020-12-09	CVE-2020-29660	Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom CWE-667	4.4
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9
2020-12-07	CVE-2020-17521	Apache Groovy provides extension methods to aid with creating temporary directories. local low complexity apache netapp oracle	5.5
2020-12-04	CVE-2020-29562	Reachable Assertion vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. network high complexity gnu fedoraproject netapp CWE-617	4.8
2020-12-03	CVE-2020-27783	A XSS vulnerability was discovered in python-lxml's clean module. network low complexity lxml redhat debian fedoraproject netapp oracle	6.1
2020-12-03	CVE-2020-25711	Missing Authorization vulnerability in multiple products A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. network low complexity infinispan redhat netapp CWE-862	6.5