Vulnerabilities (CVE)

Vendor filter: Netapp

279 total CVE
CVE | Vendors (count and names) | Products (count and names) | Updated | CVSS
CVE-2018-2813 5 Oracle, Canonical, Debian and 2 more 14 Mysql, Ubuntu Linux, Debian Linux and 11 more 2019-05-21 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged...
CVE-2018-2810 3 Oracle, Canonical, Netapp 6 Mysql, Ubuntu Linux, Oncommand Insight and 3 more 2019-05-21 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
CVE-2019-2449 3 Oracle, Netapp, Redhat 9 Jdk, Oncommand Unified Manager, Oncommand Workflow Automation and 6 more 2019-05-16 2.6
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2019-9003 2 Linux, Netapp 2 Linux Kernel, Element Software Management 2019-05-16 7.8
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
CVE-2017-7657 3 Eclipse, Debian, Netapp 10 Jetty, Debian Linux, E-series Santricity Management and 7 more 2019-05-15 7.5
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer...
CVE-2019-3863 5 Libssh2, Netapp, Debian and 2 more 10 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 7 more 2019-05-14 6.8
A flaw was found in libssh2 before 1.8.1. A server could send multiple keyboard interactive response messages whose total length is greater than unsigned char max characters. This value is used as an index to copy memory, resulting in an out of...
CVE-2019-3857 5 Libssh2, Netapp, Debian and 2 more 10 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 7 more 2019-05-14 6.8
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises an SSH server may be able to...
CVE-2019-3856 5 Libssh2, Netapp, Debian and 2 more 10 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 7 more 2019-05-14 6.8
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises an SSH server may be able to execute code on the client...
CVE-2019-3855 6 Libssh2, Netapp, Debian and 3 more 11 Libssh2, Ontap Select Deploy Administration Utility, Debian Linux and 8 more 2019-05-14 9.3
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises an SSH server may be able to execute code on the client...
CVE-2018-16866 4 Freedesktop, Canonical, Debian and 1 more 5 Systemd, Ubuntu Linux, Debian Linux and 2 more 2019-05-13 2.1
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
CVE-2019-0190 4 Apache, Netapp, Openssl and 1 more 4 Http Server, Santricity Cloud Connector, Openssl and 1 more 2019-05-13 5.0
A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP...
CVE-2019-7222 6 Debian, Fedoraproject, Linux and 3 more 7 Debian Linux, Fedora, Linux Kernel and 4 more 2019-05-13 2.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVE-2016-8612 3 Apache, Redhat, Netapp 3 Http Server, Enterprise Linux, Storage Automation Store 2019-05-10 3.3
Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
CVE-2018-3693 6 Arm, Intel, Netapp and 3 more 37 Cortex-a, Cortex-r, Atom C and 34 more 2019-05-10 4.7
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVE-2017-9788 6 Apache, Netapp, Oracle and 3 more 16 Httpd, Http Server, Oncommand Unified Manager and 13 more 2019-05-10 6.4
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an...
CVE-2018-16888 3 Freedesktop, Netapp, Redhat 4 Systemd, Active Iq Performance Analytics Services, Element Software and 1 more 2019-05-10 1.9
It was discovered that systemd does not correctly check the content of PIDFile files before using them to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to...
CVE-2018-0735 6 Netapp, Openssl, Canonical and 3 more 22 Cloud Backup, Oncommand Unified Manager, Santricity Smi-s Provider and 19 more 2019-05-10 4.3
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in...
CVE-2018-19985 3 Debian, Linux, Netapp 4 Debian Linux, Linux Kernel, Active Iq Performance Analytics Services and 1 more 2019-05-09 2.1
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows...
CVE-2018-17199 5 Apache, Netapp, Debian and 2 more 6 Http Server, Santricity Cloud Connector, Debian Linux and 3 more 2019-05-07 5.0
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the...
CVE-2018-17189 5 Apache, Netapp, Debian and 2 more 6 Http Server, Santricity Cloud Connector, Storage Automation Store and 3 more 2019-05-07 5.0
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2...