Vulnerabilities > Netapp > Element Software > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2017-3140 | Resource Exhaustion vulnerability in multiple products If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. | 4.3 |
| 2019-01-16 | CVE-2017-3137 | Reachable Assertion vulnerability in multiple products Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. | 5.0 |
| 2019-01-16 | CVE-2017-3136 | Reachable Assertion vulnerability in multiple products A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. | 4.3 |
| 2019-01-14 | CVE-2018-16888 | Improper Privilege Management vulnerability in multiple products It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. | 4.7 |
| 2019-01-10 | CVE-2018-20685 | Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . | 5.3 |
| 2018-10-29 | CVE-2018-0735 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-09-21 | CVE-2018-16597 | Incorrect Authorization vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.8. | 4.9 |
| 2018-03-06 | CVE-2018-7182 | Out-of-bounds Read vulnerability in multiple products The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. | 5.0 |
| 2017-10-19 | CVE-2017-10357 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
| 2017-10-19 | CVE-2017-10356 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 6.2 |