Vulnerabilities > Netapp > Storage Automation Store > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-18 | CVE-2019-11034 | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 9.1 |
2019-04-18 | CVE-2019-11035 | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. | 9.1 |
2019-03-09 | CVE-2019-9641 | Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 9.8 |
2019-03-07 | CVE-2019-0192 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. | 9.8 |
2019-02-22 | CVE-2019-9020 | Use After Free vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9021 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9023 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 9.8 |
2019-02-22 | CVE-2019-9025 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in PHP 7.3.x before 7.3.1. | 9.8 |
2018-10-17 | CVE-2018-10933 | Improper Authentication vulnerability in multiple products A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. | 9.1 |
2018-08-02 | CVE-2017-9120 | Integer Overflow or Wraparound vulnerability in multiple products PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | 9.8 |