threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netapp snapdrive
Product
netapp snapdrive
18 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-29824
all versions
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf
) and tree.c (xmlBuffer
) don't check for integer ove
6.5
MEDIUM
CVE-2022-23308
all versions
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
7.5
HIGH
CVE-2021-3541
all versions
A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and lea
6.5
MEDIUM
CVE-2021-3517
all versions
There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a
8.6
HIGH
CVE-2021-3518
all versions
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an applic
8.8
HIGH
CVE-2021-3537
all versions
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content,
5.9
MEDIUM
CVE-2020-24977
all versions
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The
6.5
MEDIUM
CVE-2020-7595
all versions
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
7.5
HIGH
CVE-2019-20388
all versions
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
7.5
HIGH
CVE-2019-1559
all versions
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to
5.9
MEDIUM
CVE-2018-18314
all versions
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
9.8
CRITICAL
CVE-2018-18313
all versions
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from
9.1
CRITICAL
CVE-2018-18312
all versions
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write ope
9.8
CRITICAL
CVE-2018-0735
all versions
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use varia
5.9
MEDIUM
CVE-2018-12015
all versions
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and
7.5
HIGH
CVE-2016-8610
all versions
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol define
7.5
HIGH
CVE-2015-8544
<= 7.1.3
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information
7.5
HIGH
CVE-2015-8960
all versions
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCe
8.1
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin