Total
186 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-7480 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. | |||||
CVE-2015-7973 | 5 Canonical, Freebsd, Netapp and 2 more | 9 Ubuntu Linux, Freebsd, Clustered Data Ontap and 6 more | 2023-12-10 | 5.8 MEDIUM | 6.5 MEDIUM |
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. | |||||
CVE-2016-4341 | 1 Netapp | 1 Clustered Data Ontap | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. | |||||
CVE-2015-7974 | 4 Debian, Netapp, Ntp and 1 more | 8 Debian Linux, Clustered Data Ontap, Oncommand Balance and 5 more | 2023-12-10 | 4.0 MEDIUM | 7.7 HIGH |
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." | |||||
CVE-2016-3064 | 1 Netapp | 1 Clustered Data Ontap | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors. | |||||
CVE-2016-1563 | 1 Netapp | 1 Clustered Data Ontap | 2023-12-10 | 5.8 MEDIUM | 6.8 MEDIUM |
NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |