Vulnerabilities > Netapp > Element Software > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-21 | CVE-2019-17498 | Integer Overflow or Wraparound vulnerability in multiple products In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. | 8.1 |
2019-02-24 | CVE-2019-9077 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU Binutils 2.32. | 7.8 |
2019-01-28 | CVE-2019-3462 | Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. | 8.1 |
2019-01-16 | CVE-2017-3137 | Reachable Assertion vulnerability in multiple products Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. | 7.5 |
2018-09-19 | CVE-2018-17182 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. | 7.8 |
2018-06-22 | CVE-2018-12538 | Session Fixation vulnerability in multiple products In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. | 8.8 |
2018-03-06 | CVE-2018-7182 | Out-of-bounds Read vulnerability in multiple products The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. | 7.5 |
2017-10-19 | CVE-2017-10388 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). | 7.5 |
2017-10-19 | CVE-2017-10309 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). | 7.1 |
2017-08-08 | CVE-2017-10176 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 7.5 |