CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 2CVE-2019-8936 – Ubuntu Security Notice USN-4563-2
https://notcve.org/view.php?id=CVE-2019-8936
08 Mar 2019 — NTP through 4.2.8p12 has a NULL Pointer Dereference. NTP hasta 4.2.8p12 tiene una desreferencia del puntero NULL. A crafted malicious authenticated mode 6 packet from a permitted network address can trigger a NULL pointer dereference. Note for this attack to work, the sending system must be on an address from which the target ntpd(8) accepts mode 6 packets, and must use a private key that is specifically listed as being used for mode 6 authorization. The ntpd daemon can crash due to the NULL pointer derefer... • https://github.com/snappyJack/CVE-2019-8936 • CWE-476: NULL Pointer Dereference •
CVSS: 4.4EPSS: 0%CPEs: 18EXPL: 0CVE-2018-5497
https://notcve.org/view.php?id=CVE-2018-5497
24 Jan 2019 — Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. Clustered Data ONTAP, en sus versiones anteriores a las 9.1P16, 9.3P10 y 9.4P5, es susceptible a una vulnerabilidad que divulga información sensible a un usuario no autenticado. • https://security.netapp.com/advisory/ntap-20190109-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5490
https://notcve.org/view.php?id=CVE-2018-5490
03 Aug 2018 — Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release candidates (RCs) are requested to update their systems to the NetApp Data ONTAP 8.3 GA release. Las reglas de política de exportación de solo lectura no se aplican correctamente en Clustered Data ONTAP en versiones 8.3 R... • https://security.netapp.com/advisory/ntap-20150324-0001 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2017-5201
https://notcve.org/view.php?id=CVE-2017-5201
09 Nov 2017 — NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability than CVE-2016-3064. NetApp Clustered Data ONTAP en versiones anteriores a la 8.3.2P8 y 9.0 anteriores a P2 permite que usuarios autenticados remotos obtengan información sensible del clúster y del tenant mediante vectores no especificados. Esta vulnerabilidad es diferente de CVE-2016-3064. • http://www.securityfocus.com/bid/101776 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12420
https://notcve.org/view.php?id=CVE-2017-12420
18 Aug 2017 — Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrary code. Un desbordamiento de búfer basado en montículos en la implementación SMB en NetApp Clustered Data ONTAP en sus versiones anteriores a la 8.3.2P8 y 9.0 anterior al P2 permite que los usuarios autenticados remotos provoquen una denegación de servicio o ejecuten código arbitrario. • http://www.securityfocus.com/bid/100429 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2017-5988
https://notcve.org/view.php?id=CVE-2017-5988
10 Apr 2017 — NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. NetApp Clustered Data ONTAP 8.1 hasta la versión 9.1P1, cuando NFS o SMB está habilitado, permite a los atacantes remotos causar una denegación de servicio a través de vectores no especificados. • https://kb.netapp.com/support/s/article/NTAP-20170331-0001 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-4341
https://notcve.org/view.php?id=CVE-2016-4341
07 Feb 2017 — NetApp Clustered Data ONTAP before 8.3.2P7 allows remote attackers to obtain SMB share information via unspecified vectors. NetApp Clustered Data ONTAP en versiones anteriores a 8.3.2P7 permite a atacantes remotos obtener información compartida SMB a través de vectores no especificados. • https://kb.netapp.com/support/s/article/NTAP-20161028-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-8020
https://notcve.org/view.php?id=CVE-2015-8020
11 Jan 2017 — Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure. Clustered Data ONTAP versiones 8.0, 8.3.1 y 8.3.2 contiene una cuenta por defecto privilegiada que bajo ciertas condiciones puede ser usada para revelar información no autorizada. • http://www.securityfocus.com/bid/92329 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-3064
https://notcve.org/view.php?id=CVE-2016-3064
01 Sep 2016 — NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors. NetApp Clustered Data ONTAP en versiones anteriores a 8.2.4P4 y 8.3.x en versiones anteriores a 8.3.2P2 permite a usuarios remotos autenticados obtener información de cluster y usuario sensible a través de vectores no especificados. • http://kb.netapp.com/support/index?page=content&id=9010099 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •