Vulnerabilities > Netapp > Element Software Management

DATE CVE VULNERABILITY TITLE RISK
2019-02-24 CVE-2019-9076 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
network
gnu netapp CWE-770
4.3
2019-02-24 CVE-2019-9070 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical f5 CWE-125
7.8
2018-05-18 CVE-2018-11237 Out-of-bounds Write vulnerability in multiple products
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
local
low complexity
gnu redhat oracle netapp canonical CWE-787
4.6
2018-05-18 CVE-2018-11236 Integer Overflow or Wraparound vulnerability in multiple products
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
network
low complexity
gnu redhat oracle netapp CWE-190
critical
9.8
2018-02-01 CVE-2018-6485 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
network
low complexity
gnu redhat oracle netapp CWE-190
7.5