Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data ontap vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
Netapp Aff A700s Firmware
Netapp Clustered Data Ontap -
668
VMScore
CVE-2016-7480
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP prior to 7.0.12 does not verify that a key is an object, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialize...
Php Php
Netapp Clustered Data Ontap -
668
VMScore
CVE-2017-5340
Zend/zend_hash.c in PHP prior to 7.0.15 and 7.1.x prior to 7.1.1 mishandles certain cases that require large array allocations, which allows remote malicious users to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of ar...
Php Php
Netapp Clustered Data Ontap -
570
VMScore
CVE-2017-11147
In PHP prior to 5.6.30 and 7.x prior to 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the phar_parse_pharfile function in ext/phar/phar.c.
Php Php
Netapp Clustered Data Ontap -
445
VMScore
CVE-2017-14053
NetApp OnCommand Unified Manager for Clustered Data ONTAP prior to 7.2P1 does not set the secure flag for an unspecified cookie in an HTTPS session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission within an HTTP session.
Netapp Oncommand Unified Manager For Clustered Data Ontap
447
VMScore
CVE-2018-15919
Remotely observable behaviour in auth-gss2.c in OpenSSH up to and including 7.8 could be used by remote malicious users to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to ...
Openbsd Openssh
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore -
Netapp Cloud Backup -
Netapp Cn1610 Firmware -
8 Github repositories
694
VMScore
CVE-2004-2539
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote malicious users to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
Network Appliance Data Ontap 6.0
Network Appliance Netcache 5.2
384
VMScore
CVE-2016-20012
OpenSSH up to and including 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be va...
Openbsd Openssh
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
2 Github repositories
668
VMScore
CVE-2019-15874
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE prior to 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE prior to 11.3-RELEASE-p8, incomplete packet data validation may result in memory access after it has been freed leading to a kernel panic or other unpredicta...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Netapp Clustered Data Ontap -
668
VMScore
CVE-2019-5614
In FreeBSD 12.1-STABLE before r356035, 12.1-RELEASE prior to 12.1-RELEASE-p4, 11.3-STABLE before r356036, and 11.3-RELEASE prior to 11.3-RELEASE-p8, incomplete packet data validation may result in accessing out-of-bounds memory leading to a kernel panic or other unpredictable res...
Freebsd Freebsd 11.3
Freebsd Freebsd 12.1
Netapp Clustered Data Ontap -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »