VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
>
Oncommand Insight
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-10-10
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
network
low complexity
ietf
nghttp2
netty
envoyproxy
eclipse
caddyserver
golang
f5
apache
apple
grpc
microsoft
nodejs
dena
facebook
amazon
debian
kazu-yamamoto
istio
varnish-cache-project
traefik
projectcontour
linkerd
linecorp
redhat
fedoraproject
netapp
akka
konghq
jenkins
openresty
cisco
7.5
7.5
2023-09-21
CVE-2023-41993
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
The issue was addressed with improved checks.
network
low complexity
apple
fedoraproject
debian
oracle
netapp
webkitgtk
CWE-754
8.8
8.8
2022-12-23
CVE-2022-43551
Cleartext Transmission of Sensitive Information vulnerability in multiple products
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP.
network
low complexity
haxx
fedoraproject
netapp
splunk
CWE-319
7.5
7.5
2022-12-20
CVE-2022-38733
Unspecified vulnerability in Netapp Oncommand Insight
OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.
network
low complexity
netapp
8.6
8.6
2022-09-01
CVE-2022-30614
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to a denial of service via email flooding caused by sending a specially-crafted request.
network
low complexity
ibm
netapp
7.5
7.5
2022-09-01
CVE-2022-36773
XXE vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm
netapp
CWE-611
8.1
8.1
2022-08-31
CVE-2022-1259
A flaw was found in Undertow.
network
low complexity
redhat
netapp
7.5
7.5
2022-08-31
CVE-2022-1319
A flaw was found in Undertow.
network
low complexity
redhat
netapp
7.5
7.5
2022-08-26
CVE-2021-3859
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2.
network
low complexity
redhat
netapp
7.5
7.5
2022-07-19
CVE-2022-34169
Incorrect Conversion between Numeric Types vulnerability in multiple products
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets.
network
low complexity
apache
debian
oracle
fedoraproject
netapp
azul
CWE-681
7.5
7.5
«
1
(current)
2
3
4
5
...
9
10
»
Next