Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2019-09-15 CVE-2019-16335 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml fedoraproject debian netapp redhat oracle CWE-502
critical
9.8
2019-09-15 CVE-2019-14540 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml netapp fedoraproject debian redhat oracle CWE-502
critical
9.8
2019-09-10 CVE-2019-5503 Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Workflow Automation 5.0
OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
network
low complexity
netapp CWE-319
5.3
2019-09-09 CVE-2019-16168 Divide By Zero vulnerability in multiple products
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5
2019-09-04 CVE-2019-15902 Information Exposure vulnerability in multiple products
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11.
local
high complexity
linux debian opensuse netapp CWE-200
5.6
2019-08-30 CVE-2019-5612 Race Condition vulnerability in multiple products
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe.
network
low complexity
freebsd netapp CWE-362
7.5
2019-08-30 CVE-2019-5611 Improper Input Validation vulnerability in multiple products
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous.
network
low complexity
freebsd netapp CWE-20
7.5
2019-08-30 CVE-2019-5610 Out-of-bounds Read vulnerability in multiple products
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding.
network
low complexity
freebsd netapp CWE-125
7.5
2019-08-30 CVE-2019-5608 Out-of-bounds Write vulnerability in multiple products
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs.
network
low complexity
freebsd netapp CWE-787
critical
9.8
2019-08-25 CVE-2019-15538 Resource Exhaustion vulnerability in multiple products
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9.
7.5