VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
>
Oncommand Insight
> Critical
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-03-23
CVE-2021-21346
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
netapp
apache
xstream
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21347
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
netapp
apache
xstream
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21350
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
netapp
apache
xstream
debian
fedoraproject
oracle
CWE-434
critical
9.8
9.8
2021-03-23
CVE-2021-21351
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products
XStream is a Java library to serialize objects to XML and back again.
network
low complexity
netapp
apache
xstream
debian
fedoraproject
oracle
CWE-434
critical
9.1
9.1
2019-09-16
CVE-2019-5482
Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
network
low complexity
haxx
fedoraproject
opensuse
netapp
oracle
debian
CWE-787
critical
9.8
9.8
2019-04-10
CVE-2019-11068
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code.
network
low complexity
xmlsoft
canonical
debian
fedoraproject
oracle
netapp
opensuse
critical
9.8
9.8
2019-02-06
CVE-2019-3822
Out-of-bounds Write vulnerability in multiple products
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow.
network
low complexity
haxx
canonical
debian
netapp
siemens
oracle
redhat
CWE-787
critical
9.8
9.8
2018-07-18
CVE-2018-2938
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB).
network
high complexity
oracle
netapp
critical
9.0
9.0
2018-05-16
CVE-2018-8014
Insecure Default Initialization of Resource vulnerability in multiple products
The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins.
network
low complexity
apache
canonical
debian
netapp
CWE-1188
critical
9.8
9.8
2017-10-19
CVE-2017-10285
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI).
network
low complexity
oracle
debian
redhat
netapp
critical
9.6
9.6
«
Previous
1
2
(current)
3
4
»
Next