Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2018-1000632 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. | 7.5 |
| 2018-08-17 | CVE-2018-15473 | Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | 5.3 |
| 2018-08-07 | CVE-2018-15132 | Information Exposure vulnerability in multiple products An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. | 7.5 |
| 2018-08-03 | CVE-2018-5490 | Incorrect Permission Assignment for Critical Resource vulnerability in Netapp Clustered Data Ontap Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. | 8.8 |
| 2018-08-03 | CVE-2018-5489 | Incorrect Authorization vulnerability in Netapp 7-Mode Transition Tool NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. | 6.5 |
| 2018-08-03 | CVE-2018-14884 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. | 7.5 |
| 2018-08-03 | CVE-2018-14883 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. | 7.5 |
| 2018-08-02 | CVE-2018-14851 | Out-of-bounds Read vulnerability in multiple products exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file. | 5.5 |
| 2018-08-02 | CVE-2017-9120 | Integer Overflow or Wraparound vulnerability in multiple products PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | 9.8 |
| 2018-08-02 | CVE-2017-9118 | Out-of-bounds Read vulnerability in multiple products PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 7.5 |