Vulnerabilities > Netapp > Oncommand Insight
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-14553 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). | 4.3 |
| 2020-07-15 | CVE-2020-14550 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). | 5.3 |
| 2020-07-15 | CVE-2020-14547 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2020-07-15 | CVE-2020-14540 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). | 4.9 |
| 2020-07-15 | CVE-2020-14539 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 6.5 |
| 2020-06-15 | CVE-2020-4051 | Cross-site Scripting vulnerability in multiple products In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. | 5.4 |
| 2020-06-10 | CVE-2020-10705 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. | 5.0 |
| 2020-05-26 | CVE-2020-10719 | HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. | 6.5 |
| 2020-04-29 | CVE-2020-11022 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |
| 2020-04-29 | CVE-2020-11023 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |