Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-06-01 CVE-2020-4354 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting.
network
low complexity
ibm netapp CWE-79
5.4
2021-05-27 CVE-2020-14301 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
An information disclosure vulnerability was found in libvirt in versions before 6.3.0.
network
low complexity
redhat netapp CWE-212
6.5
2021-05-27 CVE-2021-31808 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian netapp fedoraproject CWE-190
6.5
2021-05-27 CVE-2021-31806 Improper Encoding or Escaping of Output vulnerability in multiple products
An issue was discovered in Squid before 4.15 and 5.x before 5.0.6.
network
low complexity
squid-cache debian fedoraproject netapp CWE-116
6.5
2021-05-26 CVE-2020-25673 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
local
low complexity
linux fedoraproject netapp CWE-400
5.5
2021-05-25 CVE-2021-32640 Resource Exhaustion vulnerability in multiple products
ws is an open source WebSocket client and server library for Node.js.
network
low complexity
ws-project netapp CWE-400
5.3
2021-05-24 CVE-2021-3559 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0.
network
low complexity
redhat netapp CWE-119
6.5
2021-05-20 CVE-2021-3426 Path Traversal vulnerability in multiple products
There's a flaw in Python 3's pydoc.
5.7
2021-05-14 CVE-2021-3537 NULL Pointer Dereference vulnerability in multiple products
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference.
5.9
2021-05-10 CVE-2020-13529 Authentication Bypass by Spoofing vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in Systemd 245.
6.1