Vulnerabilities (CVE)

Vendor filter

Netapp Subscribe

Filter

279 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-9640 5 Php, Canonical, Debian and 2 more 5 Php, Ubuntu Linux, Debian Linux and 2 more 2019-06-03 5.0
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
CVE-2019-9639 5 Php, Canonical, Debian and 2 more 5 Php, Ubuntu Linux, Debian Linux and 2 more 2019-06-03 5.0
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
CVE-2019-9638 5 Php, Debian, Canonical and 2 more 5 Php, Debian Linux, Ubuntu Linux and 2 more 2019-06-03 5.0
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
CVE-2019-9637 5 Php, Debian, Canonical and 2 more 5 Php, Debian Linux, Ubuntu Linux and 2 more 2019-06-03 5.0
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the...
CVE-2019-2426 2 Oracle, Netapp 5 Jdk, Jre, Oncommand Unified Manager and 2 more 2019-06-03 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated...
CVE-2019-2422 6 Oracle, Netapp, Canonical and 3 more 15 Jdk, Jre, Oncommand Unified Manager and 12 more 2019-06-03 4.3
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated...
CVE-2019-11035 3 Php, Canonical, Netapp 3 Php, Ubuntu Linux, Storage Automation Store 2019-06-03 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
CVE-2019-11034 3 Php, Canonical, Netapp 3 Php, Ubuntu Linux, Storage Automation Store 2019-06-03 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
CVE-2018-11212 7 Ijg, Netapp, Oracle and 4 more 13 Libjpeg, Oncommand Unified Manager, Oncommand Workflow Automation and 10 more 2019-06-03 4.3
An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVE-2019-8936 5 Netapp, Ntp, Fedoraproject and 2 more 5 Data Ontap Operating In 7-mode, Ntp, Fedora and 2 more 2019-05-31 5.0
NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVE-2019-5489 2 Linux, Netapp 3 Linux Kernel, Active Iq Performance Analytics Services, Element Software Management Node 2019-05-31 2.1
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing...
CVE-2019-9070 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-24 6.8
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.
CVE-2019-9077 2 Gnu, Netapp 2 Binutils, Element Software 2019-05-24 6.8
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
CVE-2019-9075 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 6.8
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
CVE-2019-9074 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.
CVE-2019-9071 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 4.3
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.
CVE-2019-9076 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.
CVE-2019-9073 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.
CVE-2019-9072 2 Gnu, Netapp 2 Binutils, Element Software Management 2019-05-23 4.3
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c.
CVE-2018-6443 2 Brocade, Netapp 2 Network Advisor, Brocade Network Advisor 2019-05-23 4.3
A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional...