Vulnerabilities > Netapp > Service Processor > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-04 CVE-2019-25013 Out-of-bounds Read vulnerability in multiple products
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
network
high complexity
gnu fedoraproject netapp broadcom debian CWE-125
5.9
2019-09-04 CVE-2019-15902 Information Exposure vulnerability in multiple products
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11.
local
high complexity
linux debian opensuse netapp CWE-200
5.6
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2018-08-17 CVE-2018-15473 Race Condition vulnerability in multiple products
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
5.3