Vulnerabilities > Netapp > Oncommand Workflow Automation > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-01 CVE-2019-13118 Type Confusion vulnerability in multiple products
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
5.3
2019-02-27 CVE-2019-1559 Information Exposure Through Discrepancy vulnerability in multiple products
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC.
5.9
2019-02-04 CVE-2019-7317 Use After Free vulnerability in multiple products
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
5.3
2019-01-16 CVE-2019-2539 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection).
network
low complexity
oracle netapp redhat
4.9
2019-01-16 CVE-2019-2537 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle canonical debian netapp mariadb redhat
4.9
2019-01-16 CVE-2019-2536 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging).
local
high complexity
oracle netapp redhat
5.0
2019-01-16 CVE-2019-2535 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options).
local
high complexity
oracle netapp redhat
4.1
2019-01-16 CVE-2019-2533 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle netapp redhat
6.5
2019-01-16 CVE-2019-2532 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical redhat
4.9
2019-01-16 CVE-2019-2531 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
network
low complexity
oracle netapp canonical redhat
4.9