RSS   Vulnerabilities for 'Snap creator framework'   RSS

2020-02-11
 
CVE-2016-5710

CWE-1021
 

 
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.

 
2018-12-07
 
CVE-2018-18314

CWE-119
 

 
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
 
CVE-2018-18313

CWE-125
 

 
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

 
 
CVE-2018-18311

CWE-119
 

 
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
2018-12-05
 
CVE-2018-18312

CWE-119
 

 
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

 
2018-10-04
 
CVE-2018-11784

CWE-601
 

 
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice.

 
2018-06-22
 
CVE-2018-12538

CWE-384
 

 
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

 
2018-06-07
 
CVE-2018-12015

CWE-22
 

 
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

 
2017-02-07
 
CVE-2016-5372

CWE-352
 

 
Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

 
2016-12-21
 
CVE-2016-7172

 

 
NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user.

 


Copyright 2022, cxsecurity.com

 

Back to Top