Netapp Data Ontap Edge — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Data Ontap Edge, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (23)
CVE-2018-11236 — CVSS 9.8 (critical): stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the…
CVE-2018-6485 — CVSS 9.8 (critical): An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and…
CVE-2015-8960 — CVSS 8.1 (high): The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for…
CVE-2018-11237 — CVSS 7.8 (high): An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data…
CVE-2016-9131 — CVSS 7.5 (high): named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of…
CVE-2016-9778 — CVSS 7.5 (high): An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone…
CVE-2017-3135 — CVSS 7.5 (high): Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state…
CVE-2016-10708 — CVSS 7.5 (high): sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an…
CVE-2017-3137 — CVSS 7.5 (high): Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could…
CVE-2017-3145 — CVSS 7.5 (high): BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error…
CVE-2016-8610 — CVSS 7.5 (high): A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined…
CVE-2018-12015 — CVSS 7.5 (high): In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite…
CVE-2018-5734 — CVSS 7.5 (high): While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving…
CVE-2018-5740 — CVSS 7.5 (high): "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks…
CVE-2016-8864 — CVSS 7.5 (high): named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of…
CVE-2017-3138 — CVSS 6.5 (medium): named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a…
CVE-2018-5737 — CVSS 5.9 (medium): A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when…
CVE-2017-3136 — CVSS 5.9 (medium): A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An…
CVE-2018-5736 — CVSS 5.3 (medium): An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND…
CVE-2018-15473 — CVSS 5.3 (medium): OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after…
CVE-2018-15919 — CVSS 5.3 (medium): Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a…
CVE-2017-15906 — CVSS 5.3 (medium): The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows…
CVE-2017-3140 — CVSS 3.7 (low): If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will…