threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netapp storage automation store
Product
netapp storage automation store
113 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2019-11035
all versions
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be
9.1
CRITICAL
CVE-2019-11034
all versions
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be
9.1
CRITICAL
CVE-2019-9641
all versions
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an unini
9.8
CRITICAL
CVE-2019-9640
all versions
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Inval
7.5
HIGH
CVE-2019-9639
all versions
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an unini
7.5
HIGH
CVE-2019-9638
all versions
An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an unini
7.5
HIGH
CVE-2019-9637
all versions
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesyst
7.5
HIGH
CVE-2019-0192
all versions
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST requ
9.8
CRITICAL
CVE-2019-1559
all versions
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to
5.9
MEDIUM
CVE-2019-9025
all versions
An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyte string supplied as an argument to the mb_split() function
9.8
CRITICAL
CVE-2019-9024
all versions
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can
7.5
HIGH
CVE-2019-9023
all versions
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-bas
9.8
CRITICAL
CVE-2019-9022
all versions
An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS resp
7.5
HIGH
CVE-2019-9021
all versions
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer
9.8
CRITICAL
CVE-2019-9020
all versions
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the
9.8
CRITICAL
CVE-2019-6110
all versions
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle
6.8
MEDIUM
CVE-2019-6109
all versions
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-T
6.8
MEDIUM
CVE-2018-17199
all versions
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This c
7.5
HIGH
CVE-2018-17189
all versions
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream f
5.3
MEDIUM
CVE-2019-6977
all versions
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP
8.8
HIGH
CVE-2019-2539
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affect
4.9
MEDIUM
CVE-2019-2537
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.9
MEDIUM
CVE-2019-2536
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affecte
5.0
MEDIUM
CVE-2019-2535
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected
4.1
MEDIUM
CVE-2019-2534
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec
7.1
HIGH
CVE-2019-2533
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions tha
6.5
MEDIUM
CVE-2019-2532
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that
4.9
MEDIUM
CVE-2019-2531
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec
4.9
MEDIUM
CVE-2019-2530
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
4.9
MEDIUM
CVE-2019-2529
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
6.5
MEDIUM
CVE-2019-2513
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13
2.5
LOW
CVE-2019-2436
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec
5.5
MEDIUM
CVE-2019-2434
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected a
6.5
MEDIUM
CVE-2019-2420
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
4.9
MEDIUM
CVE-2018-20685
all versions
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or
5.3
MEDIUM
CVE-2018-0734
all versions
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variati
5.9
MEDIUM
CVE-2018-10933
all versions
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create c
9.1
CRITICAL
CVE-2018-3286
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that
4.3
MEDIUM
CVE-2018-3285
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Windows). Supported versions that are affected
4.9
MEDIUM
CVE-2018-3283
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). Supported versions that are affected
4.4
MEDIUM
CVE-2018-3280
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: JSON). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3279
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are a
4.9
MEDIUM
CVE-2018-3278
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3276
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affecte
4.9
MEDIUM
CVE-2018-3251
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.4
6.5
MEDIUM
CVE-2018-3247
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected ar
5.5
MEDIUM
CVE-2018-3212
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema). Supported versions that ar
4.9
MEDIUM
CVE-2018-3203
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
6.5
MEDIUM
CVE-2018-3187
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
5.5
MEDIUM
CVE-2018-3185
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.2
5.5
MEDIUM
CVE-2018-3156
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.4
6.5
MEDIUM
CVE-2018-3155
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected a
7.7
HIGH
CVE-2018-3145
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected a
6.5
MEDIUM
CVE-2018-3144
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are a
5.9
MEDIUM
CVE-2018-3143
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.4
6.5
MEDIUM
CVE-2018-3137
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
6.5
MEDIUM
CVE-2018-11763
all versions
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thre
5.9
MEDIUM
CVE-2018-17082
all versions
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the b
6.1
MEDIUM
CVE-2018-15132
all versions
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x bef
7.5
HIGH
CVE-2018-14884
all versions
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP r
7.5
HIGH
CVE-2018-14883
all versions
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflo
7.5
HIGH
CVE-2018-14851
all versions
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before
5.5
MEDIUM
CVE-2017-9120
all versions
PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly hav
9.8
CRITICAL
CVE-2017-9118
all versions
PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.
7.5
HIGH
CVE-2018-3084
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client). Supported versions that are affe
2.8
LOW
CVE-2018-3082
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
2.7
LOW
CVE-2018-3081
all versions
Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected
5.0
MEDIUM
CVE-2018-3080
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3079
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.1
4.9
MEDIUM
CVE-2018-3078
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3077
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3075
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that
4.9
MEDIUM
CVE-2018-3074
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Roles). Supported versions that are a
5.3
MEDIUM
CVE-2018-3073
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
6.5
MEDIUM
CVE-2018-3071
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.
4.9
MEDIUM
CVE-2018-3070
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected
6.5
MEDIUM
CVE-2018-3067
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affec
4.9
MEDIUM
CVE-2018-3066
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected
3.3
LOW
CVE-2018-3065
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are
6.5
MEDIUM
CVE-2018-3064
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.4
7.1
HIGH
CVE-2018-3062
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affecte
5.3
MEDIUM
CVE-2018-3061
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-3060
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.2
6.5
MEDIUM
CVE-2018-3058
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). Supported versions that are affected are 5.5.6
4.3
MEDIUM
CVE-2018-3056
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that
4.3
MEDIUM
CVE-2018-3054
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-8026
all versions
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr conf
5.5
MEDIUM
CVE-2018-12882
all versions
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_
9.8
CRITICAL
CVE-2018-1333
all versions
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion a
7.5
HIGH
CVE-2018-8014
all versions
The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.4
9.8
CRITICAL
CVE-2018-1258
all versions
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when
8.8
HIGH
CVE-2018-10549
all versions
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in
8.8
HIGH
CVE-2018-10548
all versions
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c al
7.5
HIGH
CVE-2018-10547
all versions
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before
6.1
MEDIUM
CVE-2018-10546
all versions
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop e
7.5
HIGH
CVE-2018-10545
all versions
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child
4.7
MEDIUM
CVE-2018-2846
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that ar
4.9
MEDIUM
CVE-2018-2839
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are
4.9
MEDIUM
CVE-2018-2818
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions tha
4.9
MEDIUM
CVE-2018-2816
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
4.9
MEDIUM
CVE-2018-2813
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are
4.3
MEDIUM
CVE-2018-2812
all versions
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affecte
5.5
MEDIUM
CVE-2018-1303
all versions
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound r
7.5
HIGH
CVE-2018-1302
all versions
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL
5.9
MEDIUM
CVE-2018-1301
all versions
A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after
5.9
MEDIUM
CVE-2018-1283
all versions
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, no
5.3
MEDIUM
CVE-2017-15715
all versions
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious fi
8.1
HIGH
CVE-2017-15710
all versions
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig,
7.5
HIGH
CVE-2016-8612
all versions
Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing l
4.3
MEDIUM
CVE-2017-16642
all versions
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'f
7.5
HIGH
CVE-2017-9788
all versions
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was
9.1
CRITICAL
CVE-2017-9119
all versions
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumpti
9.8
CRITICAL
CVE-2017-5645
all versions
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from anot
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin