Vulnerabilities > Netapp > Oncommand Unified Manager Core Package > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-26	CVE-2021-3156	Off-by-one Error vulnerability in multiple products Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. local low complexity sudo-project fedoraproject debian netapp mcafee synology beyondtrust oracle CWE-193	7.8
2019-10-01	CVE-2019-17069	Use After Free vulnerability in multiple products PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message. network low complexity putty opensuse netapp CWE-416	7.5
2017-05-26	CVE-2017-7439	Information Exposure vulnerability in Netapp Oncommand Unified Manager Core Package NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages. network low complexity netapp CWE-200	7.5
2017-05-26	CVE-2017-7236	SQL Injection vulnerability in Netapp Oncommand Unified Manager Core Package SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity netapp CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.