Vulnerabilities > Netapp > Oncommand Unified Manager

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-2818 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle canonical debian netapp
4.9
4.9
2018-04-19 CVE-2018-2816 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp
4.9
4.9
2018-04-19 CVE-2018-2813 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle debian canonical redhat netapp mariadb
4.3
4.3
2018-04-19 CVE-2018-2812 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp
5.5
5.5
2018-01-21 CVE-2016-10708 NULL Pointer Dereference vulnerability in multiple products
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
network
low complexity
openbsd debian canonical netapp CWE-476
7.5
7.5
2018-01-18 CVE-2018-2638 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment).
network
high complexity
oracle redhat netapp
8.3
8.3
2018-01-18 CVE-2018-2627 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer).
local
high complexity
oracle redhat netapp
7.5
7.5
2018-01-18 CVE-2018-2581 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX).
network
low complexity
oracle redhat netapp
4.7
4.7
2017-11-13 CVE-2016-8610 A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. 7.5
7.5
2017-11-10 CVE-2017-11461 Improper Input Validation vulnerability in Netapp Oncommand Unified Manager 5.1
NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface.
network
low complexity
netapp CWE-20
4.3
4.3