Vulnerabilities > Netapp > Oncommand Performance Manager

DATE CVE VULNERABILITY TITLE RISK
2018-02-06 CVE-2017-7525 A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
network
low complexity
fasterxml debian netapp redhat oracle
critical
9.8
2018-02-06 CVE-2017-15095 Deserialization of Untrusted Data vulnerability in multiple products
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
network
low complexity
fasterxml debian redhat netapp oracle CWE-502
critical
9.8
2017-10-19 CVE-2017-10388 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle redhat netapp debian
7.5
2017-10-19 CVE-2017-10384 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle mariadb debian netapp redhat
6.5
2017-10-19 CVE-2017-10379 Incorrect Authorization vulnerability in multiple products
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
network
low complexity
oracle mariadb debian redhat netapp CWE-863
6.5
2017-10-19 CVE-2017-10378 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle mariadb debian redhat netapp
6.5
2017-10-19 CVE-2017-10365 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB).
network
low complexity
oracle mariadb netapp
3.8
2017-10-19 CVE-2017-10357 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle redhat netapp debian
5.3
2017-10-19 CVE-2017-10356 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
local
low complexity
oracle redhat netapp debian
6.2
2017-10-19 CVE-2017-10355 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking).
network
low complexity
oracle redhat netapp debian
5.3