Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-15 CVE-2020-14547 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
4.9
2020-07-15 CVE-2020-14540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle netapp fedoraproject canonical
4.9
2020-07-15 CVE-2020-14539 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
6.5
2020-07-04 CVE-2020-15523 Use of Uninitialized Resource vulnerability in multiple products
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application.
6.9
2020-06-29 CVE-2020-14145 Information Exposure Through Discrepancy vulnerability in multiple products
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
4.3
2020-06-29 CVE-2020-14002 Information Exposure Through Discrepancy vulnerability in multiple products
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.
network
high complexity
putty netapp fedoraproject CWE-203
5.9
2020-06-29 CVE-2020-8573 Use of Hard-coded Credentials vulnerability in Netapp HCI H610S Firmware
The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup.
network
low complexity
netapp CWE-798
4.0
2020-06-24 CVE-2020-15025 Memory Leak vulnerability in multiple products
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
network
low complexity
ntp opensuse netapp oracle CWE-401
4.9
2020-06-17 CVE-2020-8619 Improper Resource Shutdown or Release vulnerability in multiple products
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered.
4.9
2020-06-17 CVE-2020-8618 Reachable Assertion vulnerability in multiple products
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
network
low complexity
isc opensuse netapp canonical CWE-617
4.9