Check CVE Id
Check CWE Id
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
Oncommand workflow automation
Clustered data ontap
Oncommand system manager
Snap creator framework
Virtual storage console for vmware vsphere
Oncommand unified manager for clustered data ontap
Ontap select administration utility
Oncommand unified manager core package
Service level manager
Hyper converged infrastructure
Solidfire element os
Oncommand unified manager
Santricity smi-s provider
Data ontap edge
Element software management node
Solidfire element os management node
Santricity cloud connector
E-series santricity os controller
Ontap select deploy
Steelstore cloud integrated storage
Storage automation store
Ontap select deploy utility
Active iq performance analytics services
Ontap select deploy administration utility
Element software management
Fas/aff baseboard management controller
E-series santricity management plug-ins
E-series santricity web services proxy
Aff baseboard management controller
Fas baseboard management controller
Storagegrid webscale nas bridge
Oncommand api services
E-series santricity management
E-series santricity storage manager
E-series santricity web services
Brocade network advisor
Virtual storage console
Hyper converged infrastructure compute node
Clustered data ontap antivirus connector
Hci storage nodes
Data ontap operating in 7-mode
Back to Top