Steelstore Cloud Integrated Storage

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-05	CVE-2020-12659	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. local low complexity linux netapp CWE-787	6.7
2020-05-05	CVE-2020-12653	Out-of-bounds Write vulnerability in multiple products An issue was found in Linux kernel before 5.5.4. local low complexity linux opensuse debian netapp CWE-787	4.6
2020-04-30	CVE-2020-1752	Use After Free vulnerability in multiple products A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. local high complexity gnu canonical netapp debian CWE-416	7.0
2020-04-29	CVE-2020-12465	Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. local low complexity linux netapp CWE-120	6.7
2020-04-29	CVE-2020-12464	Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. local low complexity linux netapp CWE-416	6.7
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	5.0
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-04-15	CVE-2020-2830	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). network low complexity oracle netapp debian fedoraproject opensuse mcafee canonical	5.3
2020-04-15	CVE-2020-2816	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network low complexity oracle netapp canonical debian opensuse	5.0