Vulnerabilities > Netapp > Oncommand Insight > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-10-20 CVE-2021-35577 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
netapp oracle fedoraproject
4.9
4.9
2021-10-20 CVE-2021-35578 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
low complexity
oracle netapp debian fedoraproject
5.3
5.3
2021-10-20 CVE-2021-35583 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows).
network
low complexity
oracle netapp
5.0
5.0
2021-10-20 CVE-2021-35584 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: ndbcluster/plugin DDL).
network
low complexity
oracle netapp
4.0
4.0
2021-10-20 CVE-2021-35586 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp fedoraproject debian
5.3
5.3
2021-10-15 CVE-2021-29679 Code Injection vulnerability in multiple products
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive.
network
low complexity
ibm netapp CWE-94
6.5
6.5
2021-10-15 CVE-2021-29745 IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the 'New Job' page to which they should not have access to.
network
low complexity
ibm netapp
6.5
6.5
2021-07-22 CVE-2021-36222 NULL Pointer Dereference vulnerability in multiple products
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash.
network
low complexity
mit debian netapp oracle CWE-476
5.0
5.0
2021-07-21 CVE-2021-2427 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
4.0
4.0
2021-07-21 CVE-2021-2429 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB).
network
oracle netapp
4.3
4.3