Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2019-10-16 CVE-2019-2922 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
low complexity
oracle canonical netapp
5.3
5.3
2019-10-16 CVE-2019-2914 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
low complexity
oracle canonical fedoraproject netapp
6.5
6.5
2019-10-16 CVE-2019-2911 Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema).
network
low complexity
oracle canonical fedoraproject netapp
2.7
2.7
2019-10-16 CVE-2019-2910 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
high complexity
oracle canonical netapp
3.7
3.7
2019-10-12 CVE-2019-17531 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-11 CVE-2019-2215 Use After Free vulnerability in multiple products
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel.
local
low complexity
google debian canonical netapp huawei CWE-416
7.8
7.8
2019-10-09 CVE-2019-16905 Integer Overflow or Wraparound vulnerability in multiple products
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key.
local
low complexity
openbsd netapp siemens CWE-190
7.8
7.8
2019-10-09 CVE-2019-5507 Unspecified vulnerability in Netapp Snapmanager
SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information.
local
low complexity
netapp
5.5
5.5
2019-10-09 CVE-2019-5506 Improper Certificate Validation vulnerability in Netapp Clustered Data Ontap
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.
network
high complexity
netapp CWE-295
5.9
5.9
2019-10-08 CVE-2019-17359 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data.
network
low complexity
bouncycastle apache netapp oracle CWE-770
7.5
7.5