Lucene search

Ontap Select Deploy Administration Utility Security Vulnerabilities - 2020

cve

CVE-2019-20388

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

7.5CVSS

7.6AI Score

0.009EPSS

2020-01-21 11:15 PM

493

cve

CVE-2020-11655

SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.

7.5CVSS

7.9AI Score

0.012EPSS

2020-04-09 03:15 AM

230

cve

CVE-2020-11656

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.

9.8CVSS

9.1AI Score

0.011EPSS

2020-04-09 03:15 AM

157

cve

CVE-2020-13871

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.

7.5CVSS

7.4AI Score

0.009EPSS

2020-06-06 04:15 PM

251

cve

CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports st...

5.9CVSS

5.6AI Score

0.003EPSS

2020-06-29 06:15 PM

13474

cve

CVE-2020-14155

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.

5.3CVSS

6.4AI Score

0.007EPSS

2020-06-15 05:15 PM

232

cve

CVE-2020-16590

A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.

5.5CVSS

5.7AI Score

0.001EPSS

2020-12-09 09:15 PM

cve

CVE-2020-16591

A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.

5.5CVSS

5.7AI Score

0.001EPSS

2020-12-09 09:15 PM

cve

CVE-2020-16592

A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5CVSS

5.5AI Score

0.002EPSS

2020-12-09 09:15 PM

131

cve

CVE-2020-16593

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

5.5CVSS

5.5AI Score

0.001EPSS

2020-12-09 09:15 PM

cve

CVE-2020-16599

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5CVSS

5.4AI Score

0.001EPSS

2020-12-09 09:15 PM

118

cve

CVE-2020-35448

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

3.3CVSS

5.1AI Score

0.001EPSS

2020-12-27 04:15 AM

160