Vulnerabilities > Netapp > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-28 | CVE-2020-27218 | In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. | 4.8 |
2020-11-23 | CVE-2020-15436 | Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | 6.7 |
2020-11-13 | CVE-2020-8582 | Unspecified vulnerability in Netapp Element OS and HCI Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sensitive information. | 6.5 |
2020-11-12 | CVE-2020-8764 | Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
2020-11-12 | CVE-2020-8757 | Out-of-bounds Read vulnerability in multiple products Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
2020-11-12 | CVE-2020-8746 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 6.5 |
2020-11-12 | CVE-2020-8740 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel BIOS platform sample code for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
2020-11-12 | CVE-2020-8738 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
2020-11-12 | CVE-2020-8698 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
2020-11-12 | CVE-2020-8696 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |