Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-07 | CVE-2015-7849 | Use After Free vulnerability in NTP Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets. | 6.5 |
2017-08-07 | CVE-2015-7705 | Improper Input Validation vulnerability in multiple products The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests. | 7.5 |
2017-08-07 | CVE-2015-7704 | Improper Input Validation vulnerability in multiple products The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | 5.0 |
2017-08-07 | CVE-2015-7702 | Improper Input Validation vulnerability in NTP The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). | 4.0 |
2017-08-07 | CVE-2015-7701 | Missing Release of Resource after Effective Lifetime vulnerability in NTP Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). | 5.0 |
2017-08-07 | CVE-2015-7692 | Improper Input Validation vulnerability in NTP The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). | 5.0 |
2017-08-07 | CVE-2015-7691 | Improper Input Validation vulnerability in NTP The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. | 5.0 |
2017-08-07 | CVE-2015-7887 | Improper Access Control vulnerability in Netapp Snapcenter Server 1.0 NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups. | 6.5 |
2017-07-27 | CVE-2016-8743 | Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. | 7.5 |
2017-07-25 | CVE-2017-8919 | Unspecified vulnerability in Netapp Oncommand API Services 1.0/1.1/1.2 NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors. | 4.0 |