Vulnerabilities > Netapp > Active IQ Unified Manager > High

DATE CVE VULNERABILITY TITLE RISK
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). 7.8
7.8
2019-07-10 CVE-2018-14550 Out-of-bounds Write vulnerability in multiple products
An issue has been found in third-party PNM decoding associated with libpng 1.6.35.
network
low complexity
libpng oracle netapp CWE-787
8.8
8.8
2019-06-03 CVE-2019-12615 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6.
network
low complexity
linux netapp CWE-476
7.5
7.5
2019-05-07 CVE-2018-20836 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.20.
network
high complexity
linux canonical debian f5 netapp opensuse CWE-416
8.1
8.1
2018-08-22 CVE-2018-11776 Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
network
high complexity
apache netapp oracle
8.1
8.1
2018-07-18 CVE-2018-2942 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Windows DLL).
network
high complexity
oracle netapp
8.3
8.3
2018-01-18 CVE-2018-2638 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat netapp
8.3
8.3
2018-01-18 CVE-2018-2627 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer).
local
high complexity
oracle redhat netapp
7.5
7.5
2018-01-18 CVE-2018-2612 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb netapp canonical debian
7.5
7.5
2018-01-18 CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition).
network
low complexity
oracle mariadb debian canonical netapp redhat
7.5
7.5