VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
> Oncommand Workflow Automation
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-05-06
CVE-2022-24823
Netty is an open-source, asynchronous event-driven network application framework.
local
low complexity
netty
oracle
netapp
5.5
5.5
2022-05-03
CVE-2022-1292
OS Command Injection vulnerability in multiple products
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.
network
low complexity
openssl
debian
netapp
oracle
fedoraproject
CWE-78
critical
9.8
9.8
2022-04-27
CVE-2022-24891
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp
oracle
netapp
6.1
6.1
2022-04-25
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp
oracle
netapp
critical
9.8
9.8
2022-03-25
CVE-2018-25032
Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
network
low complexity
zlib
debian
fedoraproject
apple
python
mariadb
netapp
siemens
azul
goto
CWE-787
7.5
7.5
2022-03-11
CVE-2020-36518
Out-of-bounds Write vulnerability in multiple products
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
network
low complexity
fasterxml
oracle
debian
netapp
CWE-787
7.5
7.5
2022-02-24
CVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__".
network
low complexity
nodejs
oracle
debian
netapp
8.2
8.2
2022-02-04
CVE-2022-23913
In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
network
low complexity
apache
netapp
7.5
7.5
2022-01-26
CVE-2021-22570
NULL Pointer Dereference vulnerability in multiple products
Nullptr dereference when a null char is present in a proto symbol.
local
low complexity
google
debian
fedoraproject
oracle
netapp
CWE-476
5.5
5.5
2022-01-24
CVE-2022-23852
Integer Overflow or Wraparound vulnerability in multiple products
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
network
low complexity
libexpat-project
netapp
tenable
debian
oracle
siemens
CWE-190
critical
9.8
9.8
«
Previous
1
2
3
(current)
4
5
...
37
38
»
Next