Vulnerabilities > Netapp > Cloud Backup > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2019-11113 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-119
4.4
2019-11-14 CVE-2019-11089 Improper Input Validation vulnerability in multiple products
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-20
5.5
2019-09-16 CVE-2019-11184 Race Condition vulnerability in multiple products
A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access.
high complexity
intel netapp CWE-362
4.8
2019-07-01 CVE-2019-13118 Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
5.3
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2019-02-04 CVE-2019-7317 Use After Free vulnerability in multiple products
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
5.3
2019-01-16 CVE-2018-5736 Reachable Assertion vulnerability in multiple products
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession.
network
high complexity
isc netapp CWE-617
5.3
2019-01-10 CVE-2018-20685 Incorrect Authorization vulnerability in multiple products
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of .
5.3
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9