Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-15 CVE-2019-14540 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml netapp fedoraproject debian redhat oracle CWE-502
critical
9.8
2019-08-30 CVE-2019-5608 Out-of-bounds Write vulnerability in multiple products
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs.
network
low complexity
freebsd netapp CWE-787
critical
9.8
2019-08-09 CVE-2019-12255 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
9.8
2019-07-29 CVE-2019-14379 SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml debian netapp fedoraproject redhat oracle apple
critical
9.8
2019-07-26 CVE-2019-13990 XXE vulnerability in multiple products
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
network
low complexity
softwareag oracle apache netapp atlassian CWE-611
critical
9.8
2019-07-26 CVE-2019-10744 Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution.
network
low complexity
lodash netapp redhat oracle f5
critical
9.1
2019-07-10 CVE-2017-12652 Improper Input Validation vulnerability in multiple products
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
network
low complexity
libpng netapp CWE-20
critical
9.8
2019-06-14 CVE-2019-10126 Heap-based Buffer Overflow vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp CWE-122
critical
9.8
2019-06-07 CVE-2019-10160 Encoding Error vulnerability in multiple products
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL.
network
low complexity
python redhat debian opensuse fedoraproject canonical netapp CWE-172
critical
9.8
2019-05-08 CVE-2019-11815 Race Condition vulnerability in multiple products
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8.
9.3