Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-09 | CVE-2019-9640 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
| 2019-03-09 | CVE-2019-9639 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
| 2019-03-09 | CVE-2019-9638 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
| 2019-03-09 | CVE-2019-9637 | Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 7.5 |
| 2019-03-07 | CVE-2019-0192 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. | 9.8 |
| 2019-03-04 | CVE-2018-5482 | Missing Encryption of Sensitive Data vulnerability in Netapp Snapcenter Server NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel. | 5.3 |
| 2019-03-04 | CVE-2017-15515 | Cross-site Scripting vulnerability in Netapp Snapcenter Server NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. | 4.8 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2019-02-27 | CVE-2019-5491 | Unspecified vulnerability in Netapp Clustered Data Ontap 9.0/9.1/9.3 Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user. | 7.5 |
| 2019-02-26 | CVE-2019-9169 | Out-of-bounds Read vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | 9.8 |