Storage Automation Store

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-18	CVE-2019-11035	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. network low complexity php canonical netapp redhat opensuse debian CWE-125 critical	9.1
2019-04-18	CVE-2019-11034	Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. network low complexity php canonical netapp redhat debian opensuse CWE-125 critical	9.1
2019-03-09	CVE-2019-9641	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp CWE-908 critical	9.8
2019-03-09	CVE-2019-9640	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php canonical debian opensuse netapp redhat CWE-125	7.5
2019-03-09	CVE-2019-9639	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-909	7.5
2019-03-09	CVE-2019-9638	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp redhat CWE-125	7.5
2019-03-09	CVE-2019-9637	Permissions, Privileges, and Access Controls vulnerability in multiple products An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. network low complexity php debian canonical opensuse netapp CWE-264	7.5
2019-03-07	CVE-2019-0192	Deserialization of Untrusted Data vulnerability in multiple products In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. network low complexity apache netapp CWE-502 critical	9.8
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-22	CVE-2019-9025	Out-of-bounds Write vulnerability in multiple products An issue was discovered in PHP 7.3.x before 7.3.1. network low complexity php netapp CWE-787 critical	9.8