VIR Vulnerability Intelligence Relay

Search

Found 124 results in 37ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-26465 medium 6.8 6.8 FIX rhel rocky sles openbsdnetappredhat 1y ago A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
CVE-2024-21262 medium 6.5 6.5 netapporacle 2y ago Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthent…
CVE-2024-34397 medium 5.2 5.2 FIX rhel rockydebian debian gnomenetapp 2y ago RHSA-2025:11327: glib2 security update (Moderate)
CVE-2024-33600 medium 5.9 5.9 FIX rhel rockydebian debian gnunetapp 2y ago RHSA-2024:3344: glibc security update (Important)
CVE-2023-27043 medium 5.3 5.3 FIX rhel rocky sles netapppython 2y ago The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In …
CVE-2023-38545 critical 9.8 9.8 FIX rhelarch archdebian debian haxxnetapp 3y ago This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it…
CVE-2023-25136 medium 6.5 6.5 FIX arch arch rheldebian debian openbsdnetapp 3y ago OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote a…
CVE-2022-21626 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21618 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-21549 medium 5.3 5.3 FIX rhel sles rocky oracleazulnetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21540 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-27774 medium 5.7 5.7 FIX rhelarch archdebian debian haxxnetappsplunk 4y ago An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is …
CVE-2019-13118 medium 5.3 5.3 FIX slesdebian debiansuse suse xmlsoftnetapporacle 4y ago In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, …
CVE-2022-21366 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21360 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21341 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21340 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21305 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21299 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21296 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21294 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21293 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21291 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21283 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21282 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21277 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-23305 critical 9.8 9.8 FIX debian debian sles rocky apachenetappbroadcom 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2021-35556 medium 5.3 5.3 FIX arch arch sles rocky oraclenetapp 5y ago RHSA-2022:0345: java-1.8.0-ibm security update (Important)
CVE-2016-20012 medium 5.3 5.3 FIX slesarch archdebian debian openbsdnetapp 5y ago OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occu…
CVE-2021-22897 medium 5.3 5.3 FIX arch archdebian debian haxxoraclenetapp 5y ago curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…
CVE-2021-3522 medium 5.5 5.5 FIX debian debian sles gstreamernetapporacle 5y ago GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2019-16168 medium 6.5 6.5 FIX rocky slesdebian debian sqlitenetapptenable 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-1971 medium 5.9 5.9 FIX arch arch slesdebian debian openssloraclenetapp 6y ago RHSA-2020:5476: openssl security and bug fix update (Important)
CVE-2020-9546 critical 9.8 9.8 FIX debian debian rocky rhel fasterxmlnetapporacle 6y ago RHSA-2020:1644: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (Moderate)
CVE-2019-17571 critical 9.8 9.8 FIX debian debian slesubuntu ubuntu apachenetapporacle 7y ago Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga…
CVE-2019-15213 medium 4.6 4.6 FIX slesdebian debian linux-kernel netapp 7y ago An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-11068 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu xmlsoftoraclenetapp 7y ago RHSA-2020:4464: libxslt security update (Moderate)
CVE-2019-7317 medium 5.3 5.3 FIX arch arch slesdebian debian libpngoraclehp 7y ago png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2019-6109 medium 6.8 6.8 FIX arch arch slesubuntu ubuntu openbsdwinscpnetapp 7y ago An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the…
CVE-2017-5753 medium 5.6 6.6 EXPFIX arch arch slesdebian debian inteloraclesynology 9y ago Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-14583 medium 6.5 6.5 netapp 9y ago NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments.
CVE-2017-15707 medium 6.2 6.2 apachenetapporacle 9y ago Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
CVE-2017-15517 medium 5.5 5.5 netapp 9y ago AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by …
CVE-2017-5201 medium 5.7 5.7 netapp 9y ago NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability tha…
CVE-2017-11461 medium 4.3 4.3 netapp 9y ago NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintende…
CVE-2017-15906 medium 5.3 5.3 FIX slesdebian debian rhel openbsdoraclenetapp 9y ago The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2010-5312 medium 6.1 6.1 FIX debian debianfedora fedora jqueryuinetappapache 9y ago Cross-site Scripting in jquery-ui
CVE-2017-10384 medium 6.5 6.5 slesdebian debian rhel oraclemariadbnetapp 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily expl…
CVE-2017-10379 medium 6.5 6.5 slesdebian debian rhel oraclemariadbredhat 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Ea…
CVE-2017-10378 medium 6.5 6.5 slesdebian debian rhel oraclemariadbredhat 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. …
CVE-2017-10357 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded…
CVE-2017-10356 medium 6.2 6.2 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embe…
CVE-2017-10355 medium 5.3 6.3 EXPFIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em…
CVE-2017-10350 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easil…
CVE-2017-10349 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. …
CVE-2017-10348 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u…
CVE-2017-10347 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. …
CVE-2017-10346 critical 9.6 9.6 FIX sles rheldebian debian oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u14…
CVE-2017-10320 medium 4.9 4.9 sles oraclemariadbnetapp 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high p…
CVE-2017-10295 medium 4.0 4.0 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em…
CVE-2017-10293 medium 6.1 6.1 FIX slesdebian debian oraclenetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows …
CVE-2017-10286 medium 4.4 4.4 sles oraclenetappmariadb 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vu…
CVE-2017-10285 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. E…
CVE-2017-10281 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE…
CVE-2017-10274 medium 6.8 6.8 FIX slesdebian debian rhel oraclenetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability…
CVE-2017-10268 medium 4.1 4.1 slesdebian debian rhel oracleredhatmariadb 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier…
CVE-2016-1895 medium 6.5 6.5 netapp 9y ago NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.
CVE-2017-12422 medium 6.5 6.5 netapp 9y ago NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
CVE-2016-6794 medium 5.3 5.3 slesdebian debian rhel apacheredhatnetapp 9y ago System Property Disclosure in Apache Tomcat
CVE-2016-5018 critical 9.1 9.1 slesdebian debian rhel apachenetappredhat 9y ago Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat
CVE-2016-0762 medium 5.9 5.9 slesdebian debian rhel apacheredhatnetapp 9y ago Observable Discrepancy in Apache Tomcat
CVE-2017-10243 medium 6.5 6.5 FIX slesdebian debian rhel netapporacleredhat 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded:…
CVE-2017-10198 medium 6.8 6.8 FIX slesdebian debian rhel oraclephoenixcontactnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedde…
CVE-2017-10135 medium 5.9 5.9 FIX slesdebian debian rhel oraclephoenixcontactnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u…
CVE-2017-10111 critical 9.6 9.6 FIX slesdebian debian rhel oraclenetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploit…
CVE-2017-10110 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthe…
CVE-2017-10109 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Em…
CVE-2017-10108 medium 5.3 5.3 FIX slesdebian debian rhel oraclephoenixcontactredhat 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Em…
CVE-2017-10107 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easi…
CVE-2017-10105 medium 4.3 4.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows …
CVE-2017-10102 critical 9.0 9.0 FIX slesdebian debian rhel oraclephoenixcontactnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Diff…
CVE-2017-10101 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Eas…
CVE-2017-10096 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Eas…
CVE-2017-10090 critical 9.6 9.6 FIX slesdebian debian rhel oraclenetappredhat 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easil…
CVE-2017-10089 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows una…
CVE-2017-10087 critical 9.6 9.6 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131…
CVE-2017-10086 critical 9.6 9.6 FIX slesdebian debian oraclenetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthentic…
CVE-2017-10081 medium 4.3 4.3 FIX slesdebian debian oraclenetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. …
CVE-2017-10053 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u1…
CVE-2015-7871 critical 9.8 10.0 EXPFIX debian debian ntpnetapp 9y ago Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2015-7855 medium 6.5 7.5 EXPFIX debian debian ntpnetapp 9y ago The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a l…
CVE-2015-7853 critical 9.8 9.8 FIX debian debian ntpnetapp 9y ago The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative…
CVE-2015-7852 medium 5.9 5.9 FIX debian debian rhel ntpnetapp 9y ago ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
CVE-2015-7850 medium 6.5 6.5 FIX debian debian ntpnetapp 9y ago ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
CVE-2015-7705 critical 9.8 9.8 FIX debian debian ntpnetappcitrix 9y ago The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
CVE-2015-7702 medium 6.5 6.5 FIX debian debian rhel ntpnetapp 9y ago The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomple…
CVE-2017-8919 medium 6.5 6.5 netapp 9y ago NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password informat…
CVE-2017-7947 medium 6.5 6.5 netapp 9y ago NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on …
CVE-2017-9788 critical 9.1 9.1 FIX debian debianarch arch sles apachenetappredhat 9y ago In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assi…