Vulnerabilities > Netapp > Solidfire > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-11-07 CVE-2019-18805 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11.
network
low complexity
linux opensuse redhat netapp broadcom CWE-190
critical
 9.8
9.8
2019-06-14 CVE-2019-10126 Heap-based Buffer Overflow vulnerability in multiple products
A flaw was found in the Linux kernel.
network
low complexity
linux redhat canonical debian opensuse netapp CWE-122
critical
 9.8
9.8
2019-04-10 CVE-2019-11068 libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code.
network
low complexity
xmlsoft canonical debian fedoraproject oracle netapp opensuse
critical
 9.8
9.8
2019-03-27 CVE-2019-10125 Use After Free vulnerability in multiple products
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4.
network
low complexity
linux netapp CWE-416
critical
 9.8
9.8
2018-06-26 CVE-2017-7658 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second.
network
low complexity
eclipse debian oracle hp netapp CWE-444
critical
 9.8
9.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
 9.8
9.8