Data Ontap Security Vulnerabilities and Issues — Data Ontap CVE List

Lucene search

NetappData Ontap

9 matches found

CVE•added 2018/08/17 7:29 p.m.•4798 views

CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

5.3CVSS5.8AI score0.90473EPSS

CVE•added 2020/12/08 4:15 p.m.•1011 views

CVE-2020-1971

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrec...

5.9CVSS5.7AI score0.00358EPSS

CVE•added 2017/01/30 9:59 p.m.•173 views

CVE-2016-2518

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

5.3CVSS6.2AI score0.00785EPSS

CVE•added 2018/10/23 5:29 p.m.•155 views

CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A speci...

5.5CVSS6.1AI score0.00558EPSS

CVE•added 2018/10/23 5:29 p.m.•150 views

CVE-2018-18607

An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF ...

5.5CVSS6AI score0.00718EPSS

CVE•added 2018/10/23 5:29 p.m.•145 views

CVE-2018-18606

An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ...

5.5CVSS6AI score0.00558EPSS

CVE•added 2017/08/07 8:29 p.m.•135 views

CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

5.9CVSS7.1AI score0.03255EPSS

CVE•added 2017/08/18 4:29 p.m.•49 views

CVE-2017-12859

NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.

5.9CVSS5.6AI score0.00585EPSS

CVE•added 2017/02/07 5:59 p.m.•45 views

CVE-2016-6495

NetApp Data ONTAP before 8.2.4P5, when operating in 7-Mode, allows remote attackers to obtain information about the volumes configured for HTTP access.

5.9CVSS5.6AI score0.0035EPSS