Vulnerabilities > Netapp > Storage Automation Store > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-18 | CVE-2019-11035 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. | 6.4 |
2019-04-18 | CVE-2019-11034 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 6.4 |
2019-03-09 | CVE-2019-9640 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 5.0 |
2019-03-09 | CVE-2019-9639 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 5.0 |
2019-03-09 | CVE-2019-9638 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 5.0 |
2019-03-09 | CVE-2019-9637 | Permissions, Privileges, and Access Controls vulnerability in PHP An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. | 5.0 |
2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
2019-02-22 | CVE-2019-9024 | Out-of-bounds Read vulnerability in PHP An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. | 5.0 |
2019-02-22 | CVE-2019-9022 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. | 5.0 |
2019-01-31 | CVE-2019-6110 | Inappropriate Encoding for Output Context vulnerability in multiple products In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. | 6.8 |