Cloud Backup

cloud_backup

Vendor: Netapp • 345 CVEs

CVEs (345)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-36179 4Debian FasterxmlNetapp+1 more 43Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+40 more Nov 21, 2024 Jan 7, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
CVE-2020-36189 4Debian FasterxmlNetapp+1 more 40Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+37 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
CVE-2020-36188 4Debian FasterxmlNetapp+1 more 45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.
CVE-2020-36187 4Debian FasterxmlNetapp+1 more 45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.
CVE-2020-36186 4Debian FasterxmlNetapp+1 more 45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.
CVE-2020-36185 4Debian FasterxmlNetapp+1 more 45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.
CVE-2020-36184 4Debian FasterxmlNetapp+1 more 45Agile Plm Application Testing SuiteAutovue For Agile Product Lifecycle Management+42 more Nov 21, 2024 Jan 6, 2021 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
CVE-2020-36158 4Debian FedoraprojectLinux+1 more 5Cloud Backup Debian LinuxFedora+2 more Nov 21, 2024 Jan 5, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
CVE-2020-35507 4Broadcom GnuNetapp+1 more 8Binutils Brocade Fabric Operating SystemCloud Backup+5 more Nov 21, 2024 Jan 4, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dere...Show more There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.Show less
CVE-2020-35496 4Broadcom FedoraprojectGnu+1 more 8Binutils Brocade Fabric Operating System FirmwareCloud Backup+5 more Nov 21, 2024 Jan 4, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest thre...Show more There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.Show less
CVE-2020-35495 4Broadcom FedoraprojectGnu+1 more 8Binutils Brocade Fabric Operating System FirmwareCloud Backup+5 more Nov 21, 2024 Jan 4, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to applic...Show more There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.Show less
CVE-2020-35494 4Broadcom FedoraprojectGnu+1 more 8Binutils Brocade Fabric Operating System FirmwareCloud Backup+5 more Nov 21, 2024 Jan 4, 2021 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availabi...Show more There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.Show less
CVE-2020-35493 4Broadcom FedoraprojectGnu+1 more 8Binutils Brocade Fabric Operating System FirmwareCloud Backup+5 more Nov 21, 2024 Jan 4, 2021 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application av...Show more A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.Show less
CVE-2020-27730 2F5 Netapp 2Cloud Backup Nginx Controller Nov 21, 2024 Dec 11, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.
CVE-2020-27825 4Debian LinuxNetapp+1 more 7Cloud Backup Debian LinuxEnterprise Linux+4 more Nov 21, 2024 Dec 11, 2020 N/A· v4 5.7 MEDIUM· v3 5.4 MEDIUM· v2 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of...Show more A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.Show less
CVE-2020-27786 3Linux NetappRedhat 6Cloud Backup Enterprise LinuxEnterprise Mrg+3 more Nov 21, 2024 Dec 11, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this spec...Show more A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.Show less
CVE-2020-16599 2Gnu Netapp 5Binutils Cloud BackupHci Management Node+2 more Nov 21, 2024 Dec 9, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can ca...Show more A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.Show less
CVE-2020-16593 2Gnu Netapp 4Binutils Cloud BackupOntap Select Deploy Administration Utility+1 more Nov 21, 2024 Dec 9, 2020 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a deni...Show more A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.Show less
CVE-2020-25692 3Netapp OpenldapRedhat 4Cloud Backup Enterprise LinuxOpenldap+1 more Nov 21, 2024 Dec 8, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially craf...Show more A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.Show less
CVE-2020-29573 3Gnu NetappRedhat 4Cloud Backup Enterprise LinuxGlibc+1 more Nov 21, 2024 Dec 6, 2020 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-can...Show more sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.Show less

Previous 1...678...18 Next