Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-06 | CVE-2014-9353 | Permissions, Privileges, and Access Controls vulnerability in Netapp Oncommand Balance 4.2 NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors. | 10.0 |
| 2014-11-24 | CVE-2010-5312 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option. | 6.1 |
| 2010-08-05 | CVE-2010-1871 | Expression Language Injection vulnerability in multiple products JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. | 8.8 |
| 2008-07-28 | CVE-2008-3349 | Permissions, Privileges, and Access Controls vulnerability in Netapp Data Ontap Multiple unspecified vulnerabilities in NetApp Data ONTAP, as used on NetApp and IBM eServer platforms, allow remote attackers to execute arbitrary commands, cause a denial of service (system crash), or obtain sensitive information, probably related to insufficient access control for HTTP requests. | 10.0 |
| 2007-05-21 | CVE-2007-2768 | Information Exposure vulnerability in multiple products OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords (OTP), a similar issue to CVE-2007-2243. | 4.3 |