Vulnerabilities > Netapp

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-01	CVE-2019-4730	XXE vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm netapp CWE-611	5.5
2021-06-01	CVE-2020-4300	XXE vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. network low complexity ibm netapp CWE-611	6.4
2021-06-01	CVE-2020-4354	Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. network ibm netapp CWE-79	3.5
2021-06-01	CVE-2020-4520	Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to inject malicious HTML code that when viewed by the authenticated victim would execute the code. network ibm netapp CWE-79	6.8
2021-06-01	CVE-2020-4561	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. network low complexity ibm netapp CWE-829	7.5
2021-06-01	CVE-2021-3516	Use After Free vulnerability in multiple products There's a flaw in libxml2's xmllint in versions before 2.9.11. local low complexity xmlsoft debian fedoraproject redhat netapp oracle CWE-416	7.8
2021-06-01	CVE-2021-23017	Off-by-one Error vulnerability in multiple products A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. network high complexity f5 openresty fedoraproject netapp oracle CWE-193	7.7
2021-05-28	CVE-2021-29505	Deserialization of Untrusted Data vulnerability in multiple products XStream is software for serializing Java objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle CWE-502	8.8
2021-05-28	CVE-2021-33587	The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input. network low complexity css-what-project netapp	7.5
2021-05-28	CVE-2021-33623	Resource Exhaustion vulnerability in multiple products The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method. network low complexity trim-newlines-project netapp debian CWE-400	7.5

Vulnerabilities > Netapp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Netapp"}]}

Vulnerabilities > Netapp