VIR Vulnerability Intelligence Relay

Search

Found 116 results in 74ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-1894 high 8.1 8.1 netapp 9y ago NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2016-1502 high 7.3 7.3 netapp 9y ago NetApp SnapCenter Server 1.0 and 1.0P1 allows remote attackers to partially bypass authentication and then list and delete backups via unspecified vectors.
CVE-2015-8544 high 7.5 7.5 netapp 9y ago NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-10165 high 7.1 7.1 FIX slesdebian debian rhel littlecmsredhatnetapp 10y ago The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which …
CVE-2017-5600 critical 9.8 9.8 netapp 10y ago The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to obtain administrative access by leveraging a default privileged account.
CVE-2016-10160 critical 9.8 9.8 slesdebian debian phpnetapp 10y ago Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possib…
CVE-2016-9131 high 7.5 7.5 FIX debian debian slesarch arch iscnetapp 10y ago named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed re…
CVE-2016-6820 high 7.5 7.5 netapp 10y ago MetroCluster Tiebreaker for clustered Data ONTAP in versions before 1.2 discloses sensitive information in cleartext which may be viewed by an unauthenticated user.
CVE-2016-7480 critical 9.8 9.8 sles phpnetapp 10y ago The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or caus…
CVE-2017-5340 critical 9.8 9.8 FIX arch arch sles phpnetapp 10y ago Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial o…
CVE-2016-7172 high 7.5 7.5 netapp 10y ago NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user.
CVE-2016-8864 high 7.5 7.5 FIX debian debian slesarch arch iscnetapp 10y ago named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record…
CVE-2015-8960 high 8.1 8.1 sles ietfapplegoogle 10y ago The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute t…
CVE-2015-7974 high 7.7 7.7 FIX slesdebian debian ntpnetapp 11y ago NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via a…
CVE-2015-3292 critical 10.0 EXP netapp 11y ago The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary c…
CVE-2014-9353 critical 10.0 netapp 12y ago NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.