Clustered_data_ontap - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Clustered_data_ontap
(Netapp)

Repositories	• https://github.com/php/php-src • https://github.com/openbsd/src • https://github.com/derickr/timelib
#Vulnerabilities	190

Date	Id	Summary	Products	Score	Patch	Annotated
2018-08-17	CVE-2018-15473	OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.	Ubuntu_linux, Debian_linux, Aff_baseboard_management_controller, Cloud_backup, Clustered_data_ontap, Cn1610_firmware, Data_ontap, Data_ontap_edge, Fas_baseboard_management_controller, Oncommand_unified_manager, Ontap_select_deploy, Service_processor, Steelstore_cloud_integrated_storage, Storage_replication_adapter, Vasa_provider, Virtual_storage_console, Openssh, Sun_zfs_storage_appliance_kit, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Scalance_x204rna_firmware	5.3
2019-08-30	CVE-2019-5608	In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.	Freebsd, Clustered_data_ontap	9.8
2019-08-30	CVE-2019-5611	In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguous. Extra checks in the IPv6 stack could catch the error condition and trigger a kernel panic, leading to a remote denial of service.	Freebsd, Clustered_data_ontap	7.5
2019-08-30	CVE-2019-5610	In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.	Freebsd, Clustered_data_ontap	7.5
2019-08-30	CVE-2019-5612	In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that is not thread-safe. A multi-threaded program can exploit races in the handler to copy out kernel memory outside the boundaries of midistat's data buffer.	Freebsd, Clustered_data_ontap	7.5
2017-10-26	CVE-2017-15906	The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.	Debian_linux, Active_iq_unified_manager, Cloud_backup, Clustered_data_ontap, Cn1610_firmware, Data_ontap_edge, Hci_management_node, Oncommand_unified_manager_core_package, Solidfire, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Openssh, Sun_zfs_storage_appliance_kit, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation	5.3
2020-11-12	CVE-2020-0590	Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.	Xeon_bronze_3104_firmware, Xeon_bronze_3106_firmware, Xeon_bronze_3204_firmware, Xeon_bronze_3206r_firmware, Xeon_gold_5115_firmware, Xeon_gold_5118_firmware, Xeon_gold_5119t_firmware, Xeon_gold_5120_firmware, Xeon_gold_5120t_firmware, Xeon_gold_5122_firmware, Xeon_gold_5215_firmware, Xeon_gold_5215l_firmware, Xeon_gold_5217_firmware, Xeon_gold_5218_firmware, Xeon_gold_5218b_firmware, Xeon_gold_5218n_firmware, Xeon_gold_5218r_firmware, Xeon_gold_5218t_firmware, Xeon_gold_5220_firmware, Xeon_gold_5220r_firmware, Xeon_gold_5220s_firmware, Xeon_gold_5220t_firmware, Xeon_gold_5222_firmware, Xeon_gold_6126_firmware, Xeon_gold_6126f_firmware, Xeon_gold_6126t_firmware, Xeon_gold_6128_firmware, Xeon_gold_6130_firmware, Xeon_gold_6130f_firmware, Xeon_gold_6130t_firmware, Xeon_gold_6132_firmware, Xeon_gold_6134_firmware, Xeon_gold_6136_firmware, Xeon_gold_6138_firmware, Xeon_gold_6138f_firmware, Xeon_gold_6138p_firmware, Xeon_gold_6138t_firmware, Xeon_gold_6140_firmware, Xeon_gold_6142_firmware, Xeon_gold_6142f_firmware, Xeon_gold_6144_firmware, Xeon_gold_6146_firmware, Xeon_gold_6148_firmware, Xeon_gold_6148f_firmware, Xeon_gold_6150_firmware, Xeon_gold_6152_firmware, Xeon_gold_6154_firmware, Xeon_gold_6208u_firmware, Xeon_gold_6209u_firmware, Xeon_gold_6210u_firmware, Xeon_gold_6212u_firmware, Xeon_gold_6222v_firmware, Xeon_gold_6226_firmware, Xeon_gold_6226r_firmware, Xeon_gold_6230_firmware, Xeon_gold_6230n_firmware, Xeon_gold_6230r_firmware, Xeon_gold_6230t_firmware, Xeon_gold_6234_firmware, Xeon_gold_6238_firmware, Xeon_gold_6238l_firmware, Xeon_gold_6238r_firmware, Xeon_gold_6238t_firmware, Xeon_gold_6240_firmware, Xeon_gold_6240l_firmware, Xeon_gold_6240r_firmware, Xeon_gold_6240y_firmware, Xeon_gold_6242_firmware, Xeon_gold_6242r_firmware, Xeon_gold_6244_firmware, Xeon_gold_6246_firmware, Xeon_gold_6246r_firmware, Xeon_gold_6248_firmware, Xeon_gold_6248r_firmware, Xeon_gold_6250_firmware, Xeon_gold_6250l_firmware, Xeon_gold_6252_firmware, Xeon_gold_6252n_firmware, Xeon_gold_6254_firmware, Xeon_gold_6256_firmware, Xeon_gold_6258r_firmware, Xeon_gold_6262v_firmware, Xeon_platinum_8153_firmware, Xeon_platinum_8156_firmware, Xeon_platinum_8158_firmware, Xeon_platinum_8160_firmware, Xeon_platinum_8160f_firmware, Xeon_platinum_8160t_firmware, Xeon_platinum_8164_firmware, Xeon_platinum_8168_firmware, Xeon_platinum_8170_firmware, Xeon_platinum_8176_firmware, Xeon_platinum_8176f_firmware, Xeon_platinum_8180_firmware, Xeon_platinum_8253_firmware, Xeon_platinum_8256_firmware, Xeon_platinum_8260_firmware, Xeon_platinum_8260l_firmware, Xeon_platinum_8260y_firmware, Xeon_platinum_8268_firmware, Xeon_platinum_8270_firmware, Xeon_platinum_8276_firmware, Xeon_platinum_8276l_firmware, Xeon_platinum_8280_firmware, Xeon_platinum_8280l_firmware, Xeon_platinum_9221_firmware, Xeon_platinum_9222_firmware, Xeon_platinum_9242_firmware, Xeon_platinum_9282_firmware, Xeon_silver_4108_firmware, Xeon_silver_4109t_firmware, Xeon_silver_4110_firmware, Xeon_silver_4112_firmware, Xeon_silver_4114_firmware, Xeon_silver_4114t_firmware, Xeon_silver_4116_firmware, Xeon_silver_4116t_firmware, Xeon_silver_4208_firmware, Xeon_silver_4209t_firmware, Xeon_silver_4210_firmware, Xeon_silver_4210r_firmware, Xeon_silver_4210t_firmware, Xeon_silver_4214_firmware, Xeon_silver_4214r_firmware, Xeon_silver_4214y_firmware, Xeon_silver_4215_firmware, Xeon_silver_4215r_firmware, Xeon_silver_4216_firmware, Cloud_backup, Clustered_data_ontap, Fas\/aff_bios, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware	7.8
2017-01-11	CVE-2017-5340	Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.	Clustered_data_ontap, Php	9.8
2017-01-11	CVE-2016-7480	The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.	Clustered_data_ontap, Php	9.8
2017-01-24	CVE-2016-10160	Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP before 5.6.30 and 7.0.x before 7.0.15 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch.	Debian_linux, Clustered_data_ontap, Php	9.8