Vulnerabilities > Netapp > Oncommand Performance Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-10109 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle debian redhat netapp
5.3
5.3
2017-08-08 CVE-2017-10108 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
low complexity
oracle debian phoenixcontact redhat netapp
5.3
5.3
2017-08-08 CVE-2017-10105 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
low complexity
oracle redhat netapp
4.3
4.3
2017-08-08 CVE-2017-10081 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
network
low complexity
oracle debian netapp
4.3
4.3
2017-08-08 CVE-2017-10053 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D).
network
low complexity
oracle debian redhat netapp phoenixcontact
5.3
5.3
2017-08-07 CVE-2015-7855 Improper Input Validation vulnerability in multiple products
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
network
low complexity
ntp debian netapp siemens CWE-20
6.5
6.5
2017-08-07 CVE-2015-7852 Improper Input Validation vulnerability in multiple products
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
network
high complexity
ntp debian netapp oracle redhat CWE-20
5.9
5.9
2017-08-07 CVE-2015-7850 Infinite Loop vulnerability in multiple products
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
network
low complexity
ntp debian netapp CWE-835
6.5
6.5
2017-08-07 CVE-2015-7702 Improper Input Validation vulnerability in multiple products
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash).
network
low complexity
ntp oracle debian netapp redhat CWE-20
6.5
6.5
2017-01-30 CVE-2016-2518 Out-of-bounds Read vulnerability in multiple products
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
network
low complexity
ntp debian netapp oracle redhat freebsd siemens CWE-125
5.3
5.3