VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
>
Active IQ Unified Manager
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2019-10-08
CVE-2019-17359
Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data.
network
low complexity
bouncycastle
apache
netapp
oracle
CWE-770
7.5
7.5
2019-07-25
CVE-2019-10184
Missing Authorization vulnerability in multiple products
undertow before version 2.0.23.Final is vulnerable to an information leak issue.
network
low complexity
redhat
netapp
CWE-862
7.5
7.5
2019-07-17
CVE-2019-13272
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker).
local
low complexity
linux
debian
fedoraproject
canonical
redhat
netapp
7.8
7.8
2019-07-10
CVE-2018-14550
Out-of-bounds Write vulnerability in multiple products
An issue has been found in third-party PNM decoding associated with libpng 1.6.35.
network
low complexity
libpng
oracle
netapp
CWE-787
8.8
8.8
2019-06-03
CVE-2019-12615
NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6.
network
low complexity
linux
netapp
CWE-476
7.5
7.5
2019-05-08
CVE-2019-11815
Use After Free vulnerability in multiple products
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8.
network
high complexity
linux
canonical
debian
opensuse
netapp
CWE-416
8.1
8.1
2019-05-07
CVE-2018-20836
Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.20.
network
high complexity
linux
canonical
debian
f5
netapp
opensuse
CWE-416
8.1
8.1
2019-01-16
CVE-2019-2435
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python).
network
low complexity
oracle
netapp
8.1
8.1
2018-08-22
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
network
high complexity
apache
netapp
oracle
8.1
8.1
2018-07-18
CVE-2018-2964
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle
netapp
8.3
8.3
«
Previous
1
2
...
12
13
14
(current)
15
16
»
Next