Vulnerabilities > Netapp > Snapcenter

DATE CVE VULNERABILITY TITLE RISK
2019-01-02 CVE-2018-14719 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
network
low complexity
fasterxml debian oracle redhat netapp CWE-502
critical
 9.8
9.8
2019-01-02 CVE-2018-14718 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
network
low complexity
fasterxml debian oracle netapp redhat CWE-502
critical
 9.8
9.8
2018-12-07 CVE-2018-18314 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat CWE-119
critical
 9.8
9.8
2018-12-07 CVE-2018-18313 Out-of-bounds Read vulnerability in multiple products
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
network
low complexity
perl canonical debian redhat netapp apple CWE-125
critical
 9.1
9.1
2018-12-07 CVE-2018-18311 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190
critical
 9.8
9.8
2018-12-05 CVE-2018-18312 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
network
low complexity
perl canonical debian redhat netapp CWE-119
critical
 9.8
9.8
2018-10-30 CVE-2018-0734 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9
2018-10-17 CVE-2018-10933 Improper Authentication vulnerability in multiple products
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4.
network
low complexity
libssh canonical debian redhat netapp oracle CWE-287
critical
 9.1
9.1
2018-10-17 CVE-2018-3286 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp
4.3
4.3
2018-10-17 CVE-2018-3285 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows).
network
low complexity
oracle netapp
4.9
4.9