Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-09 CVE-2019-12256 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component.
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
7.5
2019-07-30 CVE-2018-16871 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20.
network
low complexity
linux redhat netapp CWE-476
7.5
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). 7.8
2019-07-16 CVE-2019-13115 Integer Overflow or Wraparound vulnerability in multiple products
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server.
network
low complexity
libssh2 debian fedoraproject netapp f5 CWE-190
8.1
2019-07-10 CVE-2018-14550 Out-of-bounds Write vulnerability in multiple products
An issue has been found in third-party PNM decoding associated with libpng 1.6.35.
network
low complexity
libpng oracle netapp CWE-787
8.8
2019-07-01 CVE-2019-5497 Insecure Default Initialization of Resource vulnerability in Netapp AFF A700S Firmware and Clustered Data Ontap
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
network
low complexity
netapp CWE-1188
7.5
2019-06-03 CVE-2019-12615 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6.
network
low complexity
linux netapp CWE-476
7.5
2019-06-03 CVE-2019-3846 Heap-based Buffer Overflow vulnerability in multiple products
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
8.8
2019-05-28 CVE-2019-5436 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
7.8
2019-05-15 CVE-2019-8936 NULL Pointer Dereference vulnerability in multiple products
NTP through 4.2.8p12 has a NULL Pointer Dereference.
network
low complexity
netapp fedoraproject opensuse hpe ntp CWE-476
7.5