Vulnerabilities > Netapp > Oncommand Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-10081 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
network
oracle debian netapp
4.3
4.3
2017-08-08 CVE-2017-10078 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Scripting).
network
low complexity
oracle debian redhat phoenixcontact netapp
5.5
5.5
2017-08-08 CVE-2017-10074 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
network
high complexity
oracle debian redhat netapp
5.1
5.1
2017-08-08 CVE-2017-10067 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian redhat netapp
5.1
5.1
2017-08-08 CVE-2017-10053 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D).
network
low complexity
oracle debian redhat netapp phoenixcontact
5.0
5.0
2017-08-07 CVE-2015-7871 Improper Authentication vulnerability in multiple products
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
network
low complexity
ntp debian netapp CWE-287
7.5
7.5
2017-08-07 CVE-2015-7855 Improper Input Validation vulnerability in multiple products
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
network
low complexity
ntp debian netapp siemens CWE-20
4.0
4.0
2017-08-07 CVE-2015-7854 Classic Buffer Overflow vulnerability in NTP
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
network
low complexity
ntp netapp CWE-120
6.5
6.5
2017-08-07 CVE-2015-7853 Classic Buffer Overflow vulnerability in multiple products
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
network
low complexity
ntp netapp CWE-120
7.5
7.5
2017-08-07 CVE-2015-7852 Improper Input Validation vulnerability in NTP
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets. 		4.3
4.3