Vulnerabilities > Netapp > Oncommand Workflow Automation

DATE CVE VULNERABILITY TITLE RISK
2018-08-22 CVE-2018-11776 Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
network
high complexity
apache netapp oracle
8.1
2018-08-20 CVE-2018-1000632 XML Injection (aka Blind XPath Injection) vulnerability in multiple products
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element.
network
low complexity
dom4j-project debian oracle redhat netapp CWE-91
7.5
2018-07-18 CVE-2018-3084 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Core / Client).
local
low complexity
oracle netapp
2.8
2018-07-18 CVE-2018-3082 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp
2.7
2018-07-18 CVE-2018-3081 Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). 4.9
2018-07-18 CVE-2018-3080 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp
4.9
2018-07-18 CVE-2018-3079 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp
4.9
2018-07-18 CVE-2018-3078 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp
4.9
2018-07-18 CVE-2018-3077 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp canonical
4.0
2018-07-18 CVE-2018-3075 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp
4.9