Vulnerabilities > Netapp > Storage Automation Store > High

DATE CVE VULNERABILITY TITLE RISK
2019-03-09 CVE-2019-9641 Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3.
network
low complexity
php debian canonical opensuse netapp CWE-908
7.5
2019-02-22 CVE-2019-9025 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in PHP 7.3.x before 7.3.1.
network
low complexity
php netapp CWE-119
7.5
2019-02-22 CVE-2019-9023 Out-of-bounds Read vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
2019-02-22 CVE-2019-9021 Out-of-bounds Read vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-125
7.5
2019-02-22 CVE-2019-9020 Use After Free vulnerability in PHP
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1.
network
low complexity
php debian canonical netapp opensuse CWE-416
7.5
2019-01-30 CVE-2018-17199 Session Fixation vulnerability in multiple products
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session.
network
low complexity
apache debian netapp canonical oracle CWE-384
7.5
2019-01-27 CVE-2019-6977 Out-of-bounds Write vulnerability in multiple products
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow.
network
low complexity
libgd php debian canonical netapp CWE-787
8.8
2019-01-16 CVE-2019-2534 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle canonical netapp redhat
7.1
2018-08-02 CVE-2017-9120 Integer Overflow or Wraparound vulnerability in multiple products
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.
network
low complexity
php netapp CWE-190
7.5
2018-06-26 CVE-2018-12882 Use After Free vulnerability in multiple products
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing.
network
low complexity
php canonical netapp CWE-416
7.5