Vulnerabilities > Netapp > Cloud Backup
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2018-5736 | Reachable Assertion vulnerability in multiple products An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. | 5.3 |
| 2019-01-10 | CVE-2018-20685 | Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . | 5.3 |
| 2018-10-30 | CVE-2018-0734 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-29 | CVE-2018-0735 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-08 | CVE-2018-18066 | NULL Pointer Dereference vulnerability in multiple products snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | 7.5 |
| 2018-10-08 | CVE-2018-18065 | NULL Pointer Dereference vulnerability in multiple products _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service. | 6.5 |
| 2018-08-28 | CVE-2018-15919 | Information Exposure vulnerability in multiple products Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. | 5.3 |
| 2018-08-17 | CVE-2018-15473 | Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | 5.3 |
| 2018-07-18 | CVE-2018-8011 | NULL Pointer Dereference vulnerability in multiple products By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. | 7.5 |
| 2018-07-18 | CVE-2018-2973 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JSSE). | 5.9 |