Vulnerabilities > Netapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2020-11023 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |
| 2020-04-29 | CVE-2020-12465 | Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. | 6.7 |
| 2020-04-29 | CVE-2020-12464 | Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. | 6.7 |
| 2020-04-27 | CVE-2019-4729 | Information Exposure Through an Error Message vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
| 2020-04-23 | CVE-2020-5865 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres database server over unencrypted channels, making the communicated data vulnerable to interception via man-in-the-middle (MiTM) attacks. | 4.8 |
| 2020-04-15 | CVE-2020-2930 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). | 4.4 |
| 2020-04-15 | CVE-2020-2925 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). | 4.9 |
| 2020-04-15 | CVE-2020-2924 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2020-04-15 | CVE-2020-2923 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2020-04-15 | CVE-2020-2904 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |