Vulnerabilities > Netapp > Oncommand Workflow Automation > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-24 CVE-2020-8174 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.
network
high complexity
nodejs oracle netapp CWE-191
8.1
8.1
2020-07-15 CVE-2020-14697 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
oracle netapp canonical
7.2
7.2
2020-07-15 CVE-2020-14678 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
netapp canonical oracle
7.2
7.2
2020-07-15 CVE-2020-14663 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).
network
low complexity
netapp canonical oracle
7.2
7.2
2020-06-05 CVE-2020-12723 Classic Buffer Overflow vulnerability in multiple products
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
network
low complexity
perl netapp fedoraproject opensuse oracle CWE-120
7.5
7.5
2020-06-05 CVE-2020-10878 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation.
network
low complexity
perl fedoraproject opensuse netapp oracle CWE-190
8.6
8.6
2020-04-21 CVE-2020-1967 NULL Pointer Dereference vulnerability in multiple products
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. 		7.5
7.5
2020-04-15 CVE-2020-2816 Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
network
low complexity
oracle netapp canonical debian opensuse
7.5
7.5
2020-04-15 CVE-2020-2805 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
8.3
2020-04-15 CVE-2020-2803 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3
8.3