Vulnerabilities > Oracle > ZFS Storage Appliance KIT
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-25 | CVE-2019-20892 | Double Free vulnerability in multiple products net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. | 6.5 |
| 2020-06-24 | CVE-2020-15025 | Memory Leak vulnerability in multiple products ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. | 4.9 |
| 2020-06-06 | CVE-2020-13871 | Use After Free vulnerability in multiple products SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. | 7.5 |
| 2020-06-03 | CVE-2020-13596 | Cross-site Scripting vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. | 6.1 |
| 2020-06-03 | CVE-2020-13254 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. | 5.9 |
| 2020-05-27 | CVE-2020-13632 | NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |
| 2020-05-27 | CVE-2020-13631 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | 5.5 |
| 2020-05-27 | CVE-2020-13630 | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |
| 2020-04-28 | CVE-2020-12243 | Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). | 7.5 |
| 2020-04-09 | CVE-2020-11656 | Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | 9.8 |