Netapp Snapdrive
18 CVEs affecting Netapp Snapdrive. Latest disclosed: 2022-05-03. Critical: 3, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-18314 | Critical | 9.8 | 2018-12-07 | Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. |
CVE-2018-18312 | Critical | 9.8 | 2018-12-05 | Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. |
CVE-2018-18313 | Critical | 9.1 | 2018-12-07 | Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. |
CVE-2021-3518 | High | 8.8 | 2021-05-18 | There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 cou… |
CVE-2021-3517 | High | 8.6 | 2021-05-19 | There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed… |
CVE-2015-8960 | High | 8.1 | 2016-09-21 | The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not di… |
CVE-2022-23308 | High | 7.5 | 2022-02-26 | valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. |
CVE-2020-7595 | High | 7.5 | 2020-01-21 | xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. |
CVE-2019-20388 | High | 7.5 | 2020-01-21 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. |
CVE-2018-12015 | High | 7.5 | 2018-06-07 | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, vi… |
CVE-2016-8610 | High | 7.5 | 2017-11-13 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets… |
CVE-2015-8544 | High | 7.5 | 2017-02-07 | NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors. |
CVE-2022-29824 | Medium | 6.5 | 2022-05-03 | In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in ou… |
CVE-2021-3541 | Medium | 6.5 | 2021-07-09 | A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. |
CVE-2020-24977 | Medium | 6.5 | 2020-09-04 | GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commi… |
CVE-2021-3537 | Medium | 5.9 | 2021-05-14 | A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference… |
CVE-2019-1559 | Medium | 5.9 | 2019-02-27 | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can… |
CVE-2018-0735 | Medium | 5.9 | 2018-10-29 | The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorith… |