2017-10-26
|
CVE-2017-15906
|
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
|
Debian_linux, Active_iq_unified_manager, Cloud_backup, Clustered_data_ontap, Cn1610_firmware, Data_ontap_edge, Hci_management_node, Oncommand_unified_manager_core_package, Solidfire, Steelstore_cloud_integrated_storage, Storage_replication_adapter_for_clustered_data_ontap, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console, Openssh, Sun_zfs_storage_appliance_kit, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation
|
5.3
|
|
|
2021-10-04
|
CVE-2021-21705
|
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using URL validation functionality via the filter_var() function with the FILTER_VALIDATE_URL parameter, a URL with an invalid password field can be accepted as valid. This can lead to the code incorrectly parsing the URL and potentially leading to other security implications - like contacting a wrong server or making a wrong access decision.
|
Clustered_data_ontap, Sd-Wan_aware, Php
|
5.3
|
|
|
2022-01-24
|
CVE-2022-23852
|
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
|
Debian_linux, Libexpat, Clustered_data_ontap, Oncommand_workflow_automation, Communications_metasolv_solution, Sinema_remote_connect_server, Nessus
|
9.8
|
|
|
2021-10-04
|
CVE-2021-21704
|
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
|
Clustered_data_ontap, Php
|
5.9
|
|
|
2022-10-19
|
CVE-2022-23241
|
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
|
Clustered_data_ontap
|
8.1
|
|
|
2020-11-12
|
CVE-2020-0590
|
Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
|
Xeon_bronze_3104_firmware, Xeon_bronze_3106_firmware, Xeon_bronze_3204_firmware, Xeon_bronze_3206r_firmware, Xeon_gold_5115_firmware, Xeon_gold_5118_firmware, Xeon_gold_5119t_firmware, Xeon_gold_5120_firmware, Xeon_gold_5120t_firmware, Xeon_gold_5122_firmware, Xeon_gold_5215_firmware, Xeon_gold_5215l_firmware, Xeon_gold_5217_firmware, Xeon_gold_5218_firmware, Xeon_gold_5218b_firmware, Xeon_gold_5218n_firmware, Xeon_gold_5218r_firmware, Xeon_gold_5218t_firmware, Xeon_gold_5220_firmware, Xeon_gold_5220r_firmware, Xeon_gold_5220s_firmware, Xeon_gold_5220t_firmware, Xeon_gold_5222_firmware, Xeon_gold_6126_firmware, Xeon_gold_6126f_firmware, Xeon_gold_6126t_firmware, Xeon_gold_6128_firmware, Xeon_gold_6130_firmware, Xeon_gold_6130f_firmware, Xeon_gold_6130t_firmware, Xeon_gold_6132_firmware, Xeon_gold_6134_firmware, Xeon_gold_6136_firmware, Xeon_gold_6138_firmware, Xeon_gold_6138f_firmware, Xeon_gold_6138p_firmware, Xeon_gold_6138t_firmware, Xeon_gold_6140_firmware, Xeon_gold_6142_firmware, Xeon_gold_6142f_firmware, Xeon_gold_6144_firmware, Xeon_gold_6146_firmware, Xeon_gold_6148_firmware, Xeon_gold_6148f_firmware, Xeon_gold_6150_firmware, Xeon_gold_6152_firmware, Xeon_gold_6154_firmware, Xeon_gold_6208u_firmware, Xeon_gold_6209u_firmware, Xeon_gold_6210u_firmware, Xeon_gold_6212u_firmware, Xeon_gold_6222v_firmware, Xeon_gold_6226_firmware, Xeon_gold_6226r_firmware, Xeon_gold_6230_firmware, Xeon_gold_6230n_firmware, Xeon_gold_6230r_firmware, Xeon_gold_6230t_firmware, Xeon_gold_6234_firmware, Xeon_gold_6238_firmware, Xeon_gold_6238l_firmware, Xeon_gold_6238r_firmware, Xeon_gold_6238t_firmware, Xeon_gold_6240_firmware, Xeon_gold_6240l_firmware, Xeon_gold_6240r_firmware, Xeon_gold_6240y_firmware, Xeon_gold_6242_firmware, Xeon_gold_6242r_firmware, Xeon_gold_6244_firmware, Xeon_gold_6246_firmware, Xeon_gold_6246r_firmware, Xeon_gold_6248_firmware, Xeon_gold_6248r_firmware, Xeon_gold_6250_firmware, Xeon_gold_6250l_firmware, Xeon_gold_6252_firmware, Xeon_gold_6252n_firmware, 
Xeon_gold_6254_firmware, Xeon_gold_6256_firmware, Xeon_gold_6258r_firmware, Xeon_gold_6262v_firmware, Xeon_platinum_8153_firmware, Xeon_platinum_8156_firmware, Xeon_platinum_8158_firmware, Xeon_platinum_8160_firmware, Xeon_platinum_8160f_firmware, Xeon_platinum_8160t_firmware, Xeon_platinum_8164_firmware, Xeon_platinum_8168_firmware, Xeon_platinum_8170_firmware, Xeon_platinum_8176_firmware, Xeon_platinum_8176f_firmware, Xeon_platinum_8180_firmware, Xeon_platinum_8253_firmware, Xeon_platinum_8256_firmware, Xeon_platinum_8260_firmware, Xeon_platinum_8260l_firmware, Xeon_platinum_8260y_firmware, Xeon_platinum_8268_firmware, Xeon_platinum_8270_firmware, Xeon_platinum_8276_firmware, Xeon_platinum_8276l_firmware, Xeon_platinum_8280_firmware, Xeon_platinum_8280l_firmware, Xeon_platinum_9221_firmware, Xeon_platinum_9222_firmware, Xeon_platinum_9242_firmware, Xeon_platinum_9282_firmware, Xeon_silver_4108_firmware, Xeon_silver_4109t_firmware, Xeon_silver_4110_firmware, Xeon_silver_4112_firmware, Xeon_silver_4114_firmware, Xeon_silver_4114t_firmware, Xeon_silver_4116_firmware, Xeon_silver_4116t_firmware, Xeon_silver_4208_firmware, Xeon_silver_4209t_firmware, Xeon_silver_4210_firmware, Xeon_silver_4210r_firmware, Xeon_silver_4210t_firmware, Xeon_silver_4214_firmware, Xeon_silver_4214r_firmware, Xeon_silver_4214y_firmware, Xeon_silver_4215_firmware, Xeon_silver_4215r_firmware, Xeon_silver_4216_firmware, Cloud_backup, Clustered_data_ontap, Fas/aff_bios, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware
|
7.8
|
|
|
2022-01-06
|
CVE-2021-46143
|
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
|
Libexpat, Active_iq_unified_manager, Clustered_data_ontap, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_&_hci_management_node, Sinema_remote_connect_server, Nessus
|
7.8
|
|
|
2021-02-15
|
CVE-2020-7071
|
In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14 and 8.0.0, when validating a URL with functions like filter_var($url, FILTER_VALIDATE_URL), PHP will accept a URL with an invalid password as a valid URL. This may lead to functions that rely on the URL being valid to mis-parse the URL and produce wrong data as components of the URL.
|
Debian_linux, Clustered_data_ontap, Php
|
5.3
|
|
|
2017-01-11
|
CVE-2017-5340
|
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data.
|
Clustered_data_ontap, Php
|
9.8
|
|
|
2017-01-11
|
CVE-2016-7480
|
The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data.
|
Clustered_data_ontap, Php
|
9.8
|
|
|