Vulnerabilities > Netapp > Vasa Provider > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-10 | CVE-2018-20002 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. | 5.5 |
| 2018-12-07 | CVE-2018-19932 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. | 5.5 |
| 2018-08-17 | CVE-2018-15473 | Race Condition vulnerability in multiple products OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | 5.3 |
| 2017-12-11 | CVE-2016-6904 | Credentials Management vulnerability in Netapp Vasa Provider Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. | 4.3 |
| 2017-08-08 | CVE-2017-10053 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). | 5.0 |