Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-01 CVE-2018-6485 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.
network
low complexity
gnu redhat oracle netapp CWE-190
7.5
2018-01-22 CVE-2018-5968 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws.
network
high complexity
fasterxml debian redhat netapp CWE-502
8.1
2018-01-21 CVE-2016-10708 NULL Pointer Dereference vulnerability in multiple products
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
network
low complexity
openbsd debian canonical netapp CWE-476
7.5
2018-01-18 CVE-2018-2638 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat netapp
8.3
2018-01-18 CVE-2018-2627 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer).
local
high complexity
oracle redhat netapp
7.5
2018-01-18 CVE-2018-2612 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb netapp canonical debian
7.5
2018-01-18 CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition).
network
low complexity
oracle mariadb debian canonical netapp redhat
7.5
2017-11-13 CVE-2016-8610 Resource Exhaustion vulnerability in multiple products
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake.
7.5
2017-10-19 CVE-2017-10388 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle redhat netapp debian
7.5
2017-10-04 CVE-2017-12617 Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g.
network
high complexity
apache canonical oracle debian netapp redhat CWE-434
8.1