Filtered by vendor Netapp
Subscribe
Total
2315 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-19190 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19189 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19188 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19187 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19186 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19185 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||||
| CVE-2020-19144 | 3 Debian, Netapp, Simplesystems | 3 Debian Linux, Ontap Select Deploy Administration Utility, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'. | |||||
| CVE-2020-17527 | 4 Apache, Debian, Netapp and 1 more | 12 Tomcat, Debian Linux, Element Plug-in and 9 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. | |||||
| CVE-2020-17521 | 3 Apache, Netapp, Oracle | 21 Atlas, Groovy, Snapcenter and 18 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2. | |||||
| CVE-2020-16599 | 2 Gnu, Netapp | 5 Binutils, Cloud Backup, Hci Management Node and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | |||||
| CVE-2020-16593 | 2 Gnu, Netapp | 4 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | |||||
| CVE-2020-16592 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | |||||
| CVE-2020-16591 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. | |||||
| CVE-2020-16590 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. | |||||
| CVE-2020-16166 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. | |||||
| CVE-2020-15862 | 3 Canonical, Net-snmp, Netapp | 6 Ubuntu Linux, Net-snmp, Cloud Backup and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. | |||||
| CVE-2020-15861 | 3 Canonical, Net-snmp, Netapp | 5 Ubuntu Linux, Net-snmp, Cloud Backup and 2 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. | |||||
| CVE-2020-15852 | 3 Linux, Netapp, Xen | 5 Linux Kernel, Cloud Backup, Solidfire Baseboard Management Controller and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154. | |||||
| CVE-2020-15801 | 3 Microsoft, Netapp, Python | 3 Windows, Max Data, Python | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file) is not affected. | |||||
| CVE-2020-15778 | 3 Broadcom, Netapp, Openbsd | 10 Fabric Operating System, A700s, A700s Firmware and 7 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfers" because that could "stand a great chance of breaking existing workflows." | |||||