Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2019-04-02 CVE-2019-9946 Always-Incorrect Control Flow Implementation vulnerability in multiple products
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes.
network
low complexity
kubernetes cncf netapp CWE-670
7.5
2019-03-28 CVE-2019-0222 In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
network
low complexity
apache netapp oracle debian
7.5
2019-03-25 CVE-2019-3857 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed.
8.8
2019-03-25 CVE-2019-3856 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed.
8.8
2019-03-25 CVE-2019-3863 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libssh2 before 1.8.1.
network
low complexity
libssh2 debian netapp opensuse redhat CWE-787
8.8
2019-03-22 CVE-2019-9924 Missing Authorization vulnerability in multiple products
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.
local
low complexity
gnu debian opensuse netapp canonical CWE-862
7.8
2019-03-21 CVE-2019-3855 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server.
8.8
2019-03-21 CVE-2019-9897 Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
network
low complexity
putty fedoraproject debian netapp opensuse
7.5
2019-03-21 CVE-2019-9894 Key Management Errors vulnerability in multiple products
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
network
low complexity
putty fedoraproject debian netapp opensuse CWE-320
7.5
2019-03-21 CVE-2019-7221 Use After Free vulnerability in multiple products
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
7.8