Vulnerabilities > Netapp > Solidfire > Low

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-14779 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
network
high complexity
oracle debian fedoraproject opensuse netapp
3.7
2020-10-21 CVE-2020-14796 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp opensuse debian
2.6
2020-10-21 CVE-2020-14798 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian opensuse
2.6
2020-07-30 CVE-2020-16166 Use of Insufficiently Random Values vulnerability in multiple products
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c.
3.7
2019-12-25 CVE-2019-19965 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.
1.9
2019-12-23 CVE-2019-5108 Improper Authentication vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3.
3.3
2019-11-28 CVE-2019-19318 Use After Free vulnerability in multiple products
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,
local
low complexity
linux opensuse canonical debian netapp CWE-416
2.1
2018-03-06 CVE-2018-7170 Unspecified vulnerability in NTP
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack.
3.5
2018-01-04 CVE-2017-5715 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
1.9