Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Clustered_data_ontap
(Netapp)| Repositories |
• https://github.com/php/php-src
• https://github.com/openbsd/src • https://github.com/derickr/timelib |
| #Vulnerabilities | 186 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-01-30 | CVE-2015-7977 | ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | Ubuntu_linux, Debian_linux, Fedora, Freebsd, Clustered_data_ontap, Oncommand_balance, Ntp, Linux, Tim_4r\-Ie_dnp3_firmware, Tim_4r\-Ie_firmware | 5.9 | ||
| 2020-09-25 | CVE-2020-24718 | bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. | Freebsd, Clustered_data_ontap, Omnios, Openindiana | 8.2 | ||
| 2019-10-25 | CVE-2019-5508 | Clustered Data ONTAP versions 9.2 through 9.4 are susceptible to a vulnerability which allows an attacker to use l2ping to cause a Denial of Service (DoS). | Clustered_data_ontap | 7.5 | ||
| 2021-02-15 | CVE-2021-21702 | In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a crash. | Debian_linux, Clustered_data_ontap, Communications_diameter_signaling_router, Php | 7.5 | ||
| 2017-08-07 | CVE-2015-7704 | The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | Xenserver, Debian_linux, Enterprise_security_manager, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 7.5 | ||
| 2017-08-07 | CVE-2015-7705 | The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests. | Xenserver, Clustered_data_ontap, Data_ontap, Oncommand_performance_manager, Oncommand_unified_manager, Ntp, Tim_4r\-Ie_dnp3_firmware, Tim_4r\-Ie_firmware | 9.8 | ||
| 2021-10-12 | CVE-2021-27003 | Clustered Data ONTAP versions prior to 9.5P18, 9.6P15, 9.7P14, 9.8P5 and 9.9.1 are missing an X-Frame-Options header which could allow a clickjacking attack. | Clustered_data_ontap | 4.7 | ||
| 2020-09-02 | CVE-2020-8576 | Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information. | Clustered_data_ontap | 5.4 | ||
| 2021-01-19 | CVE-2020-8581 | Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage support is enabled. | Clustered_data_ontap | 6.5 | ||
| 2017-08-07 | CVE-2015-7853 | The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. | Clustered_data_ontap, Data_ontap, Oncommand_balance, Oncommand_performance_manager, Oncommand_unified_manager, Ntp | 9.8 |