Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2018-02-01 CVE-2018-6485 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
network
low complexity
gnu redhat oracle netapp CWE-190
critical
 9.8
9.8
2018-01-29 CVE-2017-1784 Information Exposure vulnerability in multiple products
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user.
local
low complexity
ibm netapp CWE-200
5.5
5.5
2018-01-29 CVE-2017-1783 Improper Authentication vulnerability in multiple products
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication.
local
low complexity
ibm netapp CWE-287
4.0
4.0
2018-01-29 CVE-2017-1779 Insufficiently Protected Credentials vulnerability in multiple products
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user.
local
low complexity
ibm netapp CWE-522
7.8
7.8
2018-01-22 CVE-2018-5968 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws.
network
high complexity
fasterxml debian redhat netapp CWE-502
8.1
8.1
2018-01-21 CVE-2016-10708 NULL Pointer Dereference vulnerability in multiple products
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
network
low complexity
openbsd debian canonical netapp CWE-476
7.5
7.5
2018-01-18 CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2665 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2640 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian canonical netapp redhat
6.5
6.5
2018-01-18 CVE-2018-2638 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat netapp
8.3
8.3