Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-03-25 CVE-2019-3861 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-25 CVE-2019-3860 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-3858 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-5490 Insecure Default Initialization of Resource vulnerability in Netapp Service Processor
Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
network
low complexity
netapp CWE-1188
critical
 10.0
10
2019-03-21 CVE-2019-9898 Use of Insufficiently Random Values vulnerability in multiple products
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
network
low complexity
putty fedoraproject debian opensuse netapp CWE-330
critical
 9.8
9.8
2019-03-21 CVE-2019-3862 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-21 CVE-2019-3859 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
 9.1
9.1
2019-03-07 CVE-2019-0192 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request.
network
low complexity
apache netapp CWE-502
critical
 9.8
9.8
2019-02-26 CVE-2019-9169 Out-of-bounds Read vulnerability in multiple products
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
network
low complexity
gnu netapp mcafee canonical CWE-125
critical
 9.8
9.8
2019-02-06 CVE-2019-3822 Out-of-bounds Write vulnerability in multiple products
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow.
network
low complexity
haxx canonical debian netapp siemens oracle redhat CWE-787
critical
 9.8
9.8