Vulnerabilities > Netapp > Steelstore Cloud Integrated Storage > High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-28	CVE-2019-5436	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. local low complexity haxx opensuse fedoraproject debian f5 netapp oracle CWE-787	7.8
2019-02-26	CVE-2018-20796	Uncontrolled Recursion vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227\|)(\\1\\1\|t1\|\\\2537)+' in grep. network low complexity gnu netapp CWE-674	7.5
2019-02-26	CVE-2009-5155	Data Processing Errors vulnerability in multiple products In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. network low complexity gnu netapp CWE-19	7.5
2018-07-18	CVE-2018-2964	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle netapp	8.3
2018-07-18	CVE-2018-2942	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL). network high complexity oracle netapp	8.3
2018-07-18	CVE-2018-2941	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). network high complexity oracle netapp	8.3
2018-03-06	CVE-2018-7184	ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. network low complexity ntp synology slackware canonical netapp	7.5
2017-10-19	CVE-2017-10388	Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). network high complexity oracle redhat netapp debian	7.5
2017-10-19	CVE-2017-10309	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network low complexity oracle redhat netapp	7.1
2017-08-08	CVE-2017-10176	Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). network low complexity oracle debian phoenixcontact netapp	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.