VIR Vulnerability Intelligence Relay

Search

Found 212 results in 90ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-5340 critical 9.8 9.8 FIX arch arch sles phpnetapp 10y ago Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial o…
CVE-2016-7172 high 7.5 7.5 netapp 10y ago NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user.
CVE-2016-7171 medium 5.6 5.6 netapp 10y ago NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.
CVE-2016-8864 high 7.5 7.5 FIX debian debian slesarch arch iscnetapp 10y ago named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record…
CVE-2015-8960 high 8.1 8.1 sles ietfapplegoogle 10y ago The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute t…
CVE-2016-5047 medium 6.5 6.5 netapp 10y ago NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
CVE-2016-3064 medium 6.5 6.5 netapp 10y ago NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors.
CVE-2016-7103 medium 6.1 6.1 FIX slesdebian debianfedora fedora jqueryuioraclenetapp 10y ago jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
CVE-2015-7974 high 7.7 7.7 FIX slesdebian debian ntpnetapp 11y ago NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via a…
CVE-2015-3292 critical 10.0 EXP netapp 11y ago The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary c…
CVE-2014-9354 medium 4.0 netapp 12y ago NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.
CVE-2014-9353 critical 10.0 netapp 12y ago NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.