Vasa Provider Security Vulnerabilities and Issues — Vasa Provider CVE List

Lucene search

NetappVasa Provider

11 matches found

CVE•added 2018/08/17 7:29 p.m.•4830 views

CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.

5.3CVSS5.8AI score0.92468EPSS

CVE•added 2018/01/21 10:29 p.m.•4058 views

CVE-2016-10708

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

7.5CVSS5.9AI score0.01193EPSS

CVE•added 2018/02/01 2:29 p.m.•275 views

CVE-2018-6485

An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.

9.8CVSS8.4AI score0.00663EPSS

CVE•added 2020/10/23 1:15 p.m.•269 views

CVE-2020-27216

In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub direct...

7CVSS6.9AI score0.00164EPSS

CVE•added 2018/12/07 7:29 a.m.•203 views

CVE-2018-19931

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.

7.8CVSS7.7AI score0.00423EPSS

CVE•added 2017/08/08 3:29 p.m.•173 views

CVE-2017-10053

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network...

5.3CVSS5.3AI score0.0076EPSS

CVE•added 2018/12/07 7:29 a.m.•173 views

CVE-2018-19932

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.

5.5CVSS6.3AI score0.00328EPSS

CVE•added 2018/04/19 2:29 a.m.•132 views

CVE-2018-2826

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require ...

8.3CVSS8AI score0.02995EPSS

CVE•added 2018/12/10 2:29 a.m.•126 views

CVE-2018-20002

The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.

5.5CVSS5.7AI score0.00503EPSS

CVE•added 2018/04/19 2:29 a.m.•112 views

CVE-2018-2825

8.3CVSS8AI score0.01133EPSS

CVE•added 2017/12/11 3:29 p.m.•39 views

CVE-2016-6904

Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials.

8.1CVSS8.1AI score0.00225EPSS