Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-12-04 CVE-2018-5496 Information Exposure vulnerability in Netapp Data Ontap
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
local
low complexity
netapp CWE-200
4.4
4.4
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9
2018-10-23 CVE-2018-18607 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18606 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18605 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize.
local
low complexity
gnu debian netapp CWE-125
5.5
5.5
2018-10-17 CVE-2018-3286 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp
4.3
4.3
2018-10-17 CVE-2018-3285 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows).
network
low complexity
oracle netapp
4.9
4.9
2018-10-17 CVE-2018-3284 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
high complexity
oracle canonical netapp mariadb
4.4
4.4
2018-10-17 CVE-2018-3283 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging).
network
high complexity
oracle netapp canonical
4.4
4.4