Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-12260 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4).
network
low complexity
windriver sonicwall siemens netapp oracle belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12255 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12256 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component.
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-08-05 CVE-2019-5502 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Netapp Data Ontap
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
network
low complexity
netapp CWE-327
critical
 9.1
9.1
2019-07-29 CVE-2019-14379 SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml debian netapp fedoraproject redhat oracle apple
critical
 9.8
9.8
2019-07-26 CVE-2019-13990 XXE vulnerability in multiple products
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
network
low complexity
softwareag oracle apache netapp atlassian CWE-611
critical
 9.8
9.8
2019-07-26 CVE-2019-10744 Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution.
network
low complexity
lodash netapp redhat oracle f5
critical
 9.1
9.1
2019-07-10 CVE-2017-12652 Improper Input Validation vulnerability in multiple products
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
network
low complexity
libpng netapp CWE-20
critical
 9.8
9.8
2019-07-01 CVE-2019-5497 Insecure Default Initialization of Resource vulnerability in Netapp AFF A700S Firmware and Clustered Data Ontap
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
network
low complexity
netapp CWE-1188
critical
 9.8
9.8
2019-06-14 CVE-2019-10126 Heap-based Buffer Overflow vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp CWE-122
critical
 9.8
9.8