Vulnerabilities > Netapp > Active IQ Unified Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-04-19 CVE-2022-21478 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
5.5
2022-04-19 CVE-2022-21479 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
5.5
2022-04-19 CVE-2022-21482 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
4.0
2022-04-19 CVE-2022-21483 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
4.0
2022-04-19 CVE-2022-21489 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
4.0
2022-04-19 CVE-2022-21490 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
4.0
2022-04-19 CVE-2022-21496 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI).
network
low complexity
oracle netapp debian azul
5.3
2022-04-14 CVE-2022-22968 Improper Handling of Case Sensitivity vulnerability in multiple products
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
network
low complexity
vmware netapp oracle CWE-178
5.3
2022-03-28 CVE-2022-1056 Out-of-bounds Read vulnerability in multiple products
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp CWE-125
5.5
2022-03-25 CVE-2021-4203 Race Condition vulnerability in multiple products
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle CWE-362
6.8