Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2019-10-03 CVE-2019-15166 Classic Buffer Overflow vulnerability in multiple products
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
7.5
2019-10-02 CVE-2019-10212 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security.
network
low complexity
redhat netapp CWE-532
critical
9.8
2019-10-01 CVE-2019-17069 Use After Free vulnerability in multiple products
PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.
network
low complexity
putty opensuse netapp CWE-416
7.5
2019-10-01 CVE-2019-16943 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat oracle netapp CWE-502
critical
9.8
2019-10-01 CVE-2019-16942 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat netapp oracle CWE-502
critical
9.8
2019-09-30 CVE-2019-16276 HTTP Request Smuggling vulnerability in multiple products
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
7.5
2019-09-30 CVE-2019-16995 Memory Leak vulnerability in multiple products
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
network
low complexity
linux opensuse netapp CWE-401
7.5
2019-09-26 CVE-2019-10092 Cross-site Scripting vulnerability in multiple products
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page.
6.1
2019-09-24 CVE-2019-5094 Out-of-bounds Write vulnerability in multiple products
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3.
6.7
2019-09-24 CVE-2019-5505 Insufficiently Protected Credentials vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
network
low complexity
netapp CWE-522
critical
9.8