Vulnerabilities > Netapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-13 | CVE-2018-19039 | Information Exposure vulnerability in multiple products Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | 6.5 |
| 2018-12-10 | CVE-2018-20002 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. | 5.5 |
| 2018-12-07 | CVE-2018-19932 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. | 5.5 |
| 2018-12-04 | CVE-2018-5496 | Information Exposure vulnerability in Netapp Data Ontap Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. | 4.4 |
| 2018-10-30 | CVE-2018-0734 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-29 | CVE-2018-0735 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. | 5.9 |
| 2018-10-23 | CVE-2018-18607 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-10-23 | CVE-2018-18606 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-10-23 | CVE-2018-18605 | Out-of-bounds Read vulnerability in multiple products A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. | 5.5 |
| 2018-10-17 | CVE-2018-3286 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). | 4.3 |