← Back

Netapp

netapp

2,507 CVEs • 371 products

Products (371)

Click to collapse
Toggle
Oncommand Insight
oncommand_insight
971 CVEs
Active Iq Unified Manager
active_iq_unified_manager
848 CVEs
Oncommand Workflow Automation
oncommand_workflow_automation
743 CVEs
Snapcenter
snapcenter
575 CVEs
Cloud Backup
cloud_backup
345 CVEs
H700s Firmware
h700s_firmware
290 CVEs
H300s Firmware
h300s_firmware
289 CVEs
H500s Firmware
h500s_firmware
289 CVEs
H410s Firmware
h410s_firmware
289 CVEs
E Series Santricity Os Controller
e-series_santricity_os_controller
242 CVEs
H410c Firmware
h410c_firmware
237 CVEs
Steelstore Cloud Integrated Storage
steelstore_cloud_integrated_storage
211 CVEs
Solidfire
solidfire
192 CVEs
Clustered Data Ontap
clustered_data_ontap
187 CVEs
Hci Management Node
hci_management_node
182 CVEs
Snapmanager
snapmanager
180 CVEs
Ontap Select Deploy Administration Utility
ontap_select_deploy_administration_utility
179 CVEs
Oncommand Unified Manager
oncommand_unified_manager
169 CVEs
H700e Firmware
h700e_firmware
149 CVEs
H300e Firmware
h300e_firmware
148 CVEs
H500e Firmware
h500e_firmware
148 CVEs
E Series Santricity Storage Manager
e-series_santricity_storage_manager
140 CVEs
Storage Automation Store
storage_automation_store
113 CVEs
Solidfire & Hci Management Node
solidfire_&_hci_management_node
103 CVEs
Element Software
element_software
100 CVEs
E Series Santricity Web Services
e-series_santricity_web_services
99 CVEs
Oncommand Balance
oncommand_balance
83 CVEs
Santricity Unified Manager
santricity_unified_manager
77 CVEs
7 Mode Transition Tool
7-mode_transition_tool
75 CVEs
Oncommand Performance Manager
oncommand_performance_manager
73 CVEs
Storagegrid
storagegrid
72 CVEs
Virtual Storage Console
virtual_storage_console
70 CVEs
Solidfire Baseboard Management Controller Firmware
solidfire_baseboard_management_controller_firmware
70 CVEs
Vasa Provider For Clustered Data Ontap
vasa_provider_for_clustered_data_ontap
69 CVEs
Plug In For Symantec Netbackup
plug-in_for_symantec_netbackup
69 CVEs
Oncommand Shift
oncommand_shift
64 CVEs
Storage Replication Adapter For Clustered Data Ontap
storage_replication_adapter_for_clustered_data_ontap
63 CVEs
H610s Firmware
h610s_firmware
62 CVEs
E Series Performance Analyzer
e-series_performance_analyzer
61 CVEs
Data Availability Services
data_availability_services
61 CVEs
Cloud Secure Agent
cloud_secure_agent
57 CVEs
Bootstrap Os
bootstrap_os
56 CVEs
Cloud Insights Acquisition Unit
cloud_insights_acquisition_unit
53 CVEs
Hci Compute Node
hci_compute_node
49 CVEs
Solidfire, Enterprise Sds & Hci Storage Node
solidfire,_enterprise_sds_&_hci_storage_node
43 CVEs
Data Ontap
data_ontap
42 CVEs
Snap Creator Framework
snap_creator_framework
42 CVEs
H610c Firmware
h610c_firmware
38 CVEs
E Series Santricity Web Services Proxy
e-series_santricity_web_services_proxy
35 CVEs
Hci Compute Node Firmware
hci_compute_node_firmware
35 CVEs
H615c Firmware
h615c_firmware
35 CVEs
Hci Baseboard Management Controller
hci_baseboard_management_controller
34 CVEs
A700s Firmware
a700s_firmware
32 CVEs
Solidfire Baseboard Management Controller
solidfire_baseboard_management_controller
32 CVEs
E Series Santricity Unified Manager
e-series_santricity_unified_manager
30 CVEs
Service Level Manager
service_level_manager
29 CVEs
Ontap Tools
ontap_tools
29 CVEs
E Series Santricity Management Plug Ins
e-series_santricity_management_plug-ins
28 CVEs
Hci Storage Node
hci_storage_node
27 CVEs
Oncommand System Manager
oncommand_system_manager
27 CVEs
Santricity Cloud Connector
santricity_cloud_connector
27 CVEs
Hci Bootstrap Os
hci_bootstrap_os
27 CVEs
Management Services For Element Software
management_services_for_element_software
27 CVEs
Solidfire & Hci Storage Node
solidfire_&_hci_storage_node
26 CVEs
H300s
h300s
26 CVEs
H500s
h500s
26 CVEs
H700s
h700s
26 CVEs
H410s
h410s
26 CVEs
Ontap
ontap
24 CVEs
Clustered Data Ontap Antivirus Connector
clustered_data_ontap_antivirus_connector
23 CVEs
Data Ontap Edge
data_ontap_edge
23 CVEs
Snapcenter Server
snapcenter_server
23 CVEs
Cloud Insights Storage Workload Security Agent
cloud_insights_storage_workload_security_agent
23 CVEs
Santricity Storage Plugin
santricity_storage_plugin
23 CVEs
Cn1610 Firmware
cn1610_firmware
22 CVEs
Fas/aff Bios
fas/aff_bios
22 CVEs
Aff A400 Firmware
aff_a400_firmware
21 CVEs
Hci Compute Node Bios
hci_compute_node_bios
21 CVEs
A250 Firmware
a250_firmware
21 CVEs
Smi S Provider
smi-s_provider
19 CVEs
Oncommand Api Services
oncommand_api_services
19 CVEs
Cloud Manager
cloud_manager
19 CVEs
Snapdrive
snapdrive
18 CVEs
Snapprotect
snapprotect
18 CVEs
Aff A700s Firmware
aff_a700s_firmware
18 CVEs
A400 Firmware
a400_firmware
17 CVEs
Management Services For Netapp Hci
management_services_for_netapp_hci
17 CVEs
Hci
hci
16 CVEs
8300 Firmware
8300_firmware
16 CVEs
8700 Firmware
8700_firmware
16 CVEs
Management Services For Element Software And Netapp Hci
management_services_for_element_software_and_netapp_hci
16 CVEs
Solidfire Bios
solidfire_bios
16 CVEs
Active Iq Performance Analytics Services
active_iq_performance_analytics_services
15 CVEs
Aff Baseboard Management Controller
aff_baseboard_management_controller
15 CVEs
Manageability Software Development Kit
manageability_software_development_kit
15 CVEs
Fas/aff Baseboard Management Controller
fas/aff_baseboard_management_controller
14 CVEs
Hci Storage Node Bios
hci_storage_node_bios
14 CVEs
Aff 500f Firmware
aff_500f_firmware
14 CVEs
Data Infrastructure Insights Storage Workload Security Agent
data_infrastructure_insights_storage_workload_security_agent
14 CVEs
Service Processor
service_processor
13 CVEs

CVEs (2,507)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-2958
4Debian
NetappOpensuse+1 more
10Debian Linux
E Series Santricity Os ControllerE Series Santricity Storage Manager+7 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploi...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).Show less
CVE-2019-2957
4Canonical
FedoraprojectNetapp+1 more
7Active Iq Unified Manager
FedoraMysql+4 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged atta...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2950
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with n...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2949
7Canonical
DebianMcafee+4 more
15Debian Linux
E Series Santricity Os ControllerE Series Santricity Storage Manager+12 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
6.8 MEDIUM· v3
4.3 MEDIUM· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).Show less
CVE-2019-2948
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
4.9 MEDIUM· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privi...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2946
4Canonical
FedoraprojectNetapp+1 more
7Active Iq Unified Manager
FedoraMysql+4 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged at...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2945
6Canonical
DebianNetapp+3 more
19Debian Linux
E Series Santricity Os ControllerE Series Santricity Storage Manager+16 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
3.1 LOW· v3
2.6 LOW· v2
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to explo...Show more
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).Show less
CVE-2019-2938
6Canonical
FedoraprojectMariadb+3 more
9Active Iq Unified Manager
FedoraLeap+6 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
4.4 MEDIUM· v3
3.5 LOW· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged att...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2924
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-2923
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-2922
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-2914
4Canonical
FedoraprojectNetapp+1 more
7Active Iq Unified Manager
FedoraMysql+4 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).Show less
CVE-2019-2911
4Canonical
FedoraprojectNetapp+1 more
7Active Iq Unified Manager
FedoraMysql+4 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
2.7 LOW· v3
4.0 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerabilit...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-2910
3Canonical
NetappOracle
6Active Iq Unified Manager
MysqlOncommand Insight+3 more
Nov 21, 2024
Oct 16, 2019
N/A· v4
3.7 LOW· v3
4.3 MEDIUM· v2
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allo...Show more
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).Show less
CVE-2019-17531
5Debian
FasterxmlNetapp+2 more
22Banking Platform
Communications Billing And Revenue ManagementCommunications Calendar Server+19 more
Nov 21, 2024
Oct 12, 2019
N/A· v4
9.8 CRITICAL· v3
6.8 MEDIUM· v2
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the se...Show more
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.Show less
CVE-2019-2215
5Canonical
DebianGoogle+2 more
77A220 Firmware
A320 FirmwareA800 Firmware+74 more
Oct 24, 2025
Oct 11, 2019
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installat...Show more
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095Show less
CVE-2019-16905
3Netapp
OpenbsdSiemens
5Cloud Backup
OpensshScalance X204rna Ecc Firmware+2 more
Apr 23, 2025
Oct 9, 2019
N/A· v4
7.8 HIGH· v3
4.4 MEDIUM· v2
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corru...Show more
OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.Show less
CVE-2019-5507
1Netapp
1Snapmanager
Nov 21, 2024
Oct 9, 2019
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information.
CVE-2019-5506
1Netapp
1Clustered Data Ontap
Nov 21, 2024
Oct 9, 2019
N/A· v4
5.9 MEDIUM· v3
4.3 MEDIUM· v2
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks.
CVE-2019-17359
4Apache
BouncycastleNetapp+1 more
21Active Iq Unified Manager
Bc JavaBusiness Process Management Suite+18 more
May 12, 2025
Oct 8, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.