Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2018-11-09 CVE-2018-1842 Improper Verification of Cryptographic Signature vulnerability in multiple products
IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token.
local
high complexity
ibm netapp CWE-347
3.6
3.6
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9
2018-10-23 CVE-2018-18607 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18606 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18605 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize.
local
low complexity
gnu debian netapp CWE-125
5.5
5.5
2018-10-17 CVE-2018-10933 Improper Authentication vulnerability in multiple products
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4.
network
low complexity
libssh canonical debian redhat netapp oracle CWE-287
critical
 9.1
9.1
2018-10-17 CVE-2018-3286 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp
4.3
4.3
2018-10-17 CVE-2018-3285 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows).
network
low complexity
oracle netapp
4.9
4.9
2018-10-17 CVE-2018-3284 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
high complexity
oracle canonical netapp mariadb
4.4
4.4