Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2019-2434 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle canonical netapp redhat
6.5
6.5
2019-01-16 CVE-2019-2426 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Networking).
network
high complexity
oracle netapp opensuse hp
3.7
3.7
2019-01-16 CVE-2019-2422 Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
network
high complexity
oracle canonical netapp redhat debian opensuse hp
3.1
3.1
2019-01-16 CVE-2019-2420 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle canonical netapp redhat
4.9
4.9
2019-01-14 CVE-2018-16888 Improper Privilege Management vulnerability in multiple products
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. 		4.7
4.7
2019-01-11 CVE-2018-16866 Out-of-bounds Read vulnerability in multiple products
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. 		3.3
3.3
2019-01-10 CVE-2018-20685 Incorrect Authorization vulnerability in multiple products
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . 		5.3
5.3
2019-01-07 CVE-2019-5489 Cleartext Transmission of Sensitive Information vulnerability in multiple products
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information.
local
low complexity
linux netapp CWE-319
2.1
2.1
2019-01-07 CVE-2018-5481 Missing Encryption of Sensitive Data vulnerability in Netapp Oncommand Unified Manager
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
network
netapp CWE-311
5.8
5.8
2019-01-02 CVE-2018-14719 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
network
low complexity
fasterxml debian oracle redhat netapp CWE-502
critical
 9.8
9.8