Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2019-03-25 CVE-2019-3856 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed.
8.8
2019-03-25 CVE-2019-3863 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libssh2 before 1.8.1.
network
low complexity
libssh2 debian netapp opensuse redhat CWE-787
8.8
2019-03-22 CVE-2019-9924 Missing Authorization vulnerability in multiple products
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
local
low complexity
gnu debian opensuse netapp canonical CWE-862
7.2
2019-03-21 CVE-2019-3855 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server.
8.8
2019-03-21 CVE-2019-9897 Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
network
low complexity
putty fedoraproject debian netapp opensuse
7.5
2019-03-21 CVE-2019-9894 Key Management Errors vulnerability in multiple products
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
network
low complexity
putty fedoraproject debian netapp opensuse CWE-320
7.5
2019-03-21 CVE-2019-7221 Use After Free vulnerability in multiple products
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
7.8
2019-03-21 CVE-2018-20669 Improper Input Validation vulnerability in multiple products
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13.
local
low complexity
linux canonical netapp CWE-20
7.8
2019-03-09 CVE-2019-9641 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-908
7.5
2019-02-26 CVE-2018-20796 Uncontrolled Recursion vulnerability in multiple products
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
network
low complexity
gnu netapp CWE-674
7.5