Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-21 | CVE-2020-36329 | Use After Free vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
2021-05-21 | CVE-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
2021-01-19 | CVE-2021-3177 | Classic Buffer Overflow vulnerability in multiple products Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. | 9.8 |
2020-04-09 | CVE-2020-11656 | Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. | 9.8 |
2019-12-09 | CVE-2019-19646 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. | 9.8 |
2019-12-05 | CVE-2019-19317 | Incorrect Conversion between Numeric Types vulnerability in multiple products lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. | 9.8 |
2019-11-21 | CVE-2019-5509 | Code Injection vulnerability in Netapp Ontap Select Deploy Administration Utility ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | 9.8 |
2019-09-24 | CVE-2019-5504 | Missing Authentication for Critical Function vulnerability in Netapp Ontap Select Deploy Administration Utility 2.12/2.12.1 ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. | 9.8 |
2019-09-24 | CVE-2019-5505 | Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | 9.8 |
2019-03-25 | CVE-2019-3860 | Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. | 9.1 |