Filtered by vendor Netapp Subscriptions
Filtered by product Ontap Select Deploy Administration Utility Subscriptions
Total 157 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-19956 8 Canonical, Debian, Fedoraproject and 5 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-11-21 7.5 High
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
CVE-2019-19646 5 Netapp, Oracle, Siemens and 2 more 6 Cloud Backup, Ontap Select Deploy Administration Utility, Mysql Workbench and 3 more 2024-11-21 9.8 Critical
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
CVE-2019-19645 5 Netapp, Oracle, Siemens and 2 more 6 Cloud Backup, Ontap Select Deploy Administration Utility, Mysql Workbench and 3 more 2024-11-21 5.5 Medium
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
CVE-2019-19603 6 Apache, Netapp, Oracle and 3 more 7 Guacamole, Cloud Backup, Ontap Select Deploy Administration Utility and 4 more 2024-11-21 7.5 High
SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash.
CVE-2019-19317 4 Netapp, Oracle, Siemens and 1 more 5 Cloud Backup, Ontap Select Deploy Administration Utility, Mysql Workbench and 2 more 2024-11-21 9.8 Critical
lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2019-17498 6 Debian, Fedoraproject, Libssh2 and 3 more 13 Debian Linux, Fedora, Libssh2 and 10 more 2024-11-21 8.1 High
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
CVE-2019-17272 1 Netapp 1 Ontap Select Deploy Administration Utility 2024-11-21 7.2 High
All versions of ONTAP Select Deploy administration utility are susceptible to a vulnerability which when successfully exploited could allow an administrative user to escalate their privileges.
CVE-2019-16168 9 Canonical, Debian, Fedoraproject and 6 more 21 Ubuntu Linux, Debian Linux, Fedora and 18 more 2024-11-21 6.5 Medium
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
CVE-2019-13118 7 Apple, Canonical, Fedoraproject and 4 more 25 Icloud, Iphone Os, Itunes and 22 more 2024-11-21 5.3 Medium
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
CVE-2019-13115 5 Debian, F5, Fedoraproject and 2 more 7 Debian Linux, Traffix Systems Signaling Delivery Controller, Fedora and 4 more 2024-11-21 8.1 High
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
CVE-2018-25032 11 Apple, Azul, Debian and 8 more 45 Mac Os X, Macos, Zulu and 42 more 2024-11-21 7.5 High
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2018-20796 2 Gnu, Netapp 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more 2024-11-21 N/A
In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep.
CVE-2017-5995 1 Netapp 1 Ontap Select Deploy Administration Utility 2024-11-21 7.5 High
The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors.
CVE-2016-5195 7 Canonical, Debian, Fedoraproject and 4 more 24 Ubuntu Linux, Debian Linux, Fedora and 21 more 2024-11-21 7.0 High
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVE-2016-20012 2 Netapp, Openbsd 5 Clustered Data Ontap, Hci Management Node, Ontap Select Deploy Administration Utility and 2 more 2024-11-21 5.3 Medium
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product
CVE-2015-20107 4 Fedoraproject, Netapp, Python and 1 more 7 Fedora, Active Iq Unified Manager, Ontap Select Deploy Administration Utility and 4 more 2024-11-21 7.6 High
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9
CVE-2009-5155 2 Gnu, Netapp 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more 2024-11-21 N/A
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.