Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-18 | CVE-2018-2612 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 6.5 |
2018-01-18 | CVE-2018-2581 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). | 4.7 |
2018-01-18 | CVE-2018-2562 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). | 7.1 |
2018-01-10 | CVE-2017-17485 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. | 9.8 |
2018-01-04 | CVE-2017-5753 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 5.6 |
2018-01-04 | CVE-2017-5715 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 5.6 |
2017-12-18 | CVE-2017-14583 | Improper Input Validation vulnerability in Netapp Clustered Data Ontap 9.0/9.1/9.2 NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments. | 6.5 |
2017-12-11 | CVE-2016-6904 | Credentials Management vulnerability in Netapp Vasa Provider 6.0/6.X/7.0 Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. | 8.1 |
2017-12-01 | CVE-2017-15707 | Improper Input Validation vulnerability in multiple products In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. | 6.2 |
2017-11-17 | CVE-2017-15517 | Information Exposure vulnerability in Netapp Altavault OST Plug-In AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. | 5.5 |