Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-14776 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp fedoraproject mariadb
4.9
2020-10-21 CVE-2020-14775 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
low complexity
oracle netapp fedoraproject
6.5
2020-10-21 CVE-2020-14773 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject
4.9
2020-10-21 CVE-2020-14769 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject
6.5
2020-10-21 CVE-2020-14765 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS).
network
low complexity
oracle netapp debian fedoraproject mariadb
6.5
2020-10-21 CVE-2020-14672 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure).
network
low complexity
oracle netapp fedoraproject
4.9
2020-10-13 CVE-2020-25645 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux debian netapp opensuse canonical CWE-319
5.0
2020-10-02 CVE-2020-7070 Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded.
5.3
2020-10-02 CVE-2020-7069 Inadequate Encryption Strength vulnerability in multiple products
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used.
6.5
2020-09-19 CVE-2020-5421 In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware oracle netapp
6.5