Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-09 | CVE-2019-12256 | Classic Buffer Overflow vulnerability in multiple products Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. | 7.5 |
2019-07-30 | CVE-2018-16871 | NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. | 7.5 |
2019-07-17 | CVE-2019-13272 | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). | 7.8 |
2019-07-16 | CVE-2019-13115 | Integer Overflow or Wraparound vulnerability in multiple products In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. | 8.1 |
2019-07-10 | CVE-2018-14550 | Out-of-bounds Write vulnerability in multiple products An issue has been found in third-party PNM decoding associated with libpng 1.6.35. | 8.8 |
2019-07-01 | CVE-2019-5497 | Insecure Default Initialization of Resource vulnerability in Netapp AFF A700S Firmware and Clustered Data Ontap NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution. | 7.5 |
2019-06-03 | CVE-2019-12615 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. | 7.5 |
2019-06-03 | CVE-2019-3846 | Heap-based Buffer Overflow vulnerability in multiple products A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. | 8.8 |
2019-05-28 | CVE-2019-5436 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. | 7.8 |
2019-05-15 | CVE-2019-8936 | NULL Pointer Dereference vulnerability in multiple products NTP through 4.2.8p12 has a NULL Pointer Dereference. | 7.5 |