Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-25 | CVE-2019-3861 | Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. | 9.1 |
2019-03-25 | CVE-2019-3860 | Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. | 9.1 |
2019-03-25 | CVE-2019-3857 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. | 8.8 |
2019-03-25 | CVE-2019-3856 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. | 8.8 |
2019-03-25 | CVE-2019-3863 | Out-of-bounds Write vulnerability in multiple products A flaw was found in libssh2 before 1.8.1. | 8.8 |
2019-03-22 | CVE-2019-9924 | Missing Authorization vulnerability in multiple products rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. | 7.8 |
2019-03-21 | CVE-2019-3858 | Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. | 9.1 |
2019-03-21 | CVE-2019-3855 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. | 8.8 |
2019-03-21 | CVE-2019-5490 | Insecure Default Initialization of Resource vulnerability in Netapp Service Processor Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. | 9.8 |
2019-03-21 | CVE-2019-9898 | Use of Insufficiently Random Values vulnerability in multiple products Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. | 9.8 |