RSS   Vulnerabilities for 'Snap creator framework'   RSS

2018-12-07
 
CVE-2018-18314

CWE-119
 

 
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
 
CVE-2018-18313

CWE-125
 

 
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

 
 
CVE-2018-18311

CWE-119
 

 
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
2018-12-05
 
CVE-2018-18312

CWE-119
 

 
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
2018-10-04
 
CVE-2018-11784

CWE-601
 

 
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

 
2018-06-22
 
CVE-2018-12538

CWE-384
 

 
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

 
2018-06-07
 
CVE-2018-12015

CWE-22
 

 
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

 
2017-02-07
 
CVE-2016-5372

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

 
2016-12-21
 
CVE-2016-7172

 

 
NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user.

 

 >>> Vendor: Netapp 66 Products
Data ontap
Oncommand balance
Oncommand workflow automation
Clustered data ontap
Oncommand system manager
Netapp plug-in
Snap creator framework
Metrocluster tiebreaker
Oncommand insight
Snapdrive
Virtual storage console for vmware vsphere
Snapcenter server
Oncommand unified manager for clustered data ontap
Ontap select administration utility
Oncommand unified manager core package
Altavault
Oncommand api
Storagegrid webscale
Vasa provider
Service level manager
Cloud backup
Hyper converged infrastructure
Solidfire element os
Oncommand unified manager
Santricity smi-s provider
Steelstore
Cn1610 firmware
Data ontap edge
Element software management node
Solidfire element os management node
Element software
Santricity cloud connector
Active iq
E-series santricity os controller
Snapcenter
Snapdriver
Ontap select deploy
Steelstore cloud integrated storage
Storage automation store
Snapmanager
Ontap select deploy utility
Storagegrid
Active iq performance analytics services
Ontap select deploy administration utility
Element software management
Fas/aff baseboard management controller
E-series santricity management plug-ins
E-series santricity web services proxy
Service processor
Aff baseboard management controller
Fas baseboard management controller
Storagegrid webscale nas bridge
Cloud insights
Oncommand api services
Trident
E-series santricity management
E-series santricity storage manager
E-series santricity web services
Brocade network advisor
Virtual storage console
Hyper converged infrastructure compute node
Clustered data ontap antivirus connector
Host agent
Smi-s provider
Hci storage nodes
Data ontap operating in 7-mode


Copyright 2019, cxsecurity.com

 

Back to Top