Search
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-36054 | 3 Debian, Mit, Netapp | 7 Debian Linux, Kerberos 5, Active Iq Unified Manager and 4 more | 2023-11-15 | N/A | 6.5 MEDIUM |
| lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count. | |||||
| CVE-2021-0127 | 2 Intel, Netapp | 755 Celeron G1610, Celeron G1610t, Celeron G1620 and 752 more | 2023-08-08 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. | |||||
| CVE-2023-28321 | 4 Apple, Fedoraproject, Haxx and 1 more | 13 Macos, Fedora, Curl and 10 more | 2023-08-02 | N/A | 5.9 MEDIUM |
| An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`. | |||||
| CVE-2023-28320 | 3 Apple, Haxx, Netapp | 12 Macos, Curl, Clustered Data Ontap and 9 more | 2023-08-02 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave. | |||||
| CVE-2022-29824 | 4 Debian, Fedoraproject, Netapp and 1 more | 13 Debian Linux, Fedora, Active Iq Unified Manager and 10 more | 2022-07-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | |||||
| CVE-2021-3537 | 6 Debian, Fedoraproject, Netapp and 3 more | 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more | 2022-07-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2020-24977 | 6 Debian, Fedoraproject, Netapp and 3 more | 19 Debian Linux, Fedora, Active Iq Unified Manager and 16 more | 2022-07-25 | 6.4 MEDIUM | 6.5 MEDIUM |
| GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. | |||||
| CVE-2021-22947 | 7 Apple, Debian, Fedoraproject and 4 more | 30 Macos, Debian Linux, Fedora and 27 more | 2022-07-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server. | |||||
| CVE-2021-27001 | 1 Netapp | 1 Clustered Data Ontap | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | |||||
| CVE-2021-22925 | 6 Apple, Fedoraproject, Haxx and 3 more | 10 Mac Os X, Macos, Fedora and 7 more | 2022-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. | |||||
| CVE-2020-8698 | 5 Debian, Fedoraproject, Intel and 2 more | 49 Debian Linux, Fedora, Core I3-1000g1 and 46 more | 2022-04-26 | 2.1 LOW | 5.5 MEDIUM |
| Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2016-20012 | 2 Netapp, Openbsd | 5 Clustered Data Ontap, Hci Management Node, Ontap Select Deploy Administration Utility and 2 more | 2022-02-24 | 4.3 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product. | |||||
| CVE-2021-21705 | 3 Netapp, Oracle, Php | 3 Clustered Data Ontap, Sd-wan Aware, Php | 2022-02-22 | 5.0 MEDIUM | 5.3 MEDIUM |
| In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via filter_var() function with FILTER_VALIDATE_URL parameter, an URL with invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision. | |||||
| CVE-2021-21707 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-02-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended. | |||||
| CVE-2015-7977 | 8 Canonical, Debian, Fedoraproject and 5 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2022-02-01 | 4.3 MEDIUM | 5.9 MEDIUM |
| ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | |||||
| CVE-2020-7071 | 3 Debian, Netapp, Php | 3 Debian Linux, Clustered Data Ontap, Php | 2021-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept an URL with invalid password as valid URL. This may lead to functions that rely on URL being valid to mis-parse the URL and produce wrong data as components of the URL. | |||||
| CVE-2021-22923 | 4 Fedoraproject, Haxx, Netapp and 1 more | 6 Fedora, Curl, Clustered Data Ontap and 3 more | 2021-12-10 | 2.6 LOW | 5.3 MEDIUM |
| When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened. | |||||
| CVE-2021-22922 | 4 Fedoraproject, Haxx, Netapp and 1 more | 6 Fedora, Curl, Clustered Data Ontap and 3 more | 2021-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk. | |||||
| CVE-2020-7070 | 7 Canonical, Debian, Fedoraproject and 4 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2021-12-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information. | |||||
| CVE-2020-7069 | 8 Canonical, Debian, Fedoraproject and 5 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2021-12-02 | 6.4 MEDIUM | 6.5 MEDIUM |
| In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. | |||||
| CVE-2021-21704 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2021-11-03 | 4.3 MEDIUM | 5.9 MEDIUM |
| In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption. | |||||
| CVE-2021-27003 | 1 Netapp | 1 Clustered Data Ontap | 2021-10-18 | 4.3 MEDIUM | 4.7 MEDIUM |
| Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. | |||||
| CVE-2019-10092 | 8 Apache, Canonical, Debian and 5 more | 10 Http Server, Ubuntu Linux, Debian Linux and 7 more | 2021-09-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. | |||||
| CVE-2020-8576 | 1 Netapp | 1 Clustered Data Ontap | 2021-07-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information. | |||||
| CVE-2020-8581 | 1 Netapp | 1 Clustered Data Ontap | 2021-07-21 | 3.5 LOW | 6.5 MEDIUM |
| Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled. | |||||
| CVE-2020-8696 | 4 Debian, Fedoraproject, Intel and 1 more | 502 Debian Linux, Fedora, Celeron 3855u and 499 more | 2021-07-02 | 2.1 LOW | 5.5 MEDIUM |
| Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2021-26994 | 1 Netapp | 1 Clustered Data Ontap | 2021-06-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node. | |||||
| CVE-2016-2518 | 7 Debian, Freebsd, Netapp and 4 more | 18 Debian Linux, Freebsd, Clustered Data Ontap and 15 more | 2021-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. | |||||
| CVE-2018-1283 | 5 Apache, Canonical, Debian and 2 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2021-06-06 | 3.5 LOW | 5.3 MEDIUM |
| In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its data to CGIs, since the prefix "HTTP_" is also used by the Apache HTTP Server to pass HTTP header fields, per CGI specifications. | |||||
| CVE-2018-1301 | 5 Apache, Canonical, Debian and 2 more | 8 Http Server, Ubuntu Linux, Debian Linux and 5 more | 2021-06-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. This vulnerability is considered very hard if not impossible to trigger in non-debug mode (both log and build level), so it is classified as low risk for common server usage. | |||||
| CVE-2018-1302 | 3 Apache, Canonical, Netapp | 6 Http Server, Ubuntu Linux, Clustered Data Ontap and 3 more | 2021-06-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk. | |||||
| CVE-2015-7973 | 5 Canonical, Freebsd, Netapp and 2 more | 9 Ubuntu Linux, Freebsd, Clustered Data Ontap and 6 more | 2021-04-26 | 5.8 MEDIUM | 6.5 MEDIUM |
| NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. | |||||
| CVE-2015-7855 | 4 Debian, Netapp, Ntp and 1 more | 11 Debian Linux, Clustered Data Ontap, Data Ontap and 8 more | 2021-04-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value. | |||||
| CVE-2018-15473 | 5 Canonical, Debian, Netapp and 2 more | 21 Ubuntu Linux, Debian Linux, Aff Baseboard Management Controller and 18 more | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | |||||
| CVE-2020-7456 | 2 Freebsd, Netapp | 2 Freebsd, Clustered Data Ontap | 2020-07-07 | 7.2 HIGH | 6.8 MEDIUM |
| In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution. | |||||
| CVE-2015-7702 | 5 Debian, Netapp, Ntp and 2 more | 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more | 2020-06-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. | |||||
| CVE-2015-7852 | 5 Debian, Netapp, Ntp and 2 more | 14 Debian Linux, Clustered Data Ontap, Data Ontap and 11 more | 2020-06-18 | 4.3 MEDIUM | 5.9 MEDIUM |
| ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. | |||||
| CVE-2015-7850 | 3 Debian, Netapp, Ntp | 7 Debian Linux, Clustered Data Ontap, Data Ontap and 4 more | 2020-06-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. | |||||
| CVE-2019-5506 | 1 Netapp | 1 Clustered Data Ontap | 2019-10-18 | 4.3 MEDIUM | 5.9 MEDIUM |
| Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks. | |||||
| CVE-2018-5497 | 1 Netapp | 1 Clustered Data Ontap | 2019-02-15 | 2.1 LOW | 4.4 MEDIUM |
| Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. | |||||
| CVE-2018-5498 | 1 Netapp | 1 Clustered Data Ontap | 2019-02-05 | 3.5 LOW | 4.4 MEDIUM |
| Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service (DoS) on affected versions of clustered Data ONTAP configured for multiprotocol access. | |||||
| CVE-2017-14583 | 1 Netapp | 1 Clustered Data Ontap | 2018-01-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments. | |||||
| CVE-2017-5201 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-29 | 2.7 LOW | 5.7 MEDIUM |
| NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064. | |||||
| CVE-2016-1563 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | 5.8 MEDIUM | 6.8 MEDIUM |
| NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2016-3064 | 1 Netapp | 1 Clustered Data Ontap | 2017-11-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors. | |||||
| CVE-2017-7947 | 1 Netapp | 1 Clustered Data Ontap | 2017-08-08 | 5.0 MEDIUM | 6.5 MEDIUM |
| NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on the command line. | |||||
| CVE-2017-7345 | 1 Netapp | 1 Clustered Data Ontap | 2017-04-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service to the network, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||