Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-20 | CVE-2021-35612 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 5.5 |
| 2021-10-20 | CVE-2021-35613 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). | 3.7 |
| 2021-10-20 | CVE-2021-35560 | Vulnerability in the Java SE product of Oracle Java SE (component: Deployment). | 7.5 |
| 2021-10-20 | CVE-2021-35583 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows). | 7.5 |
| 2021-10-20 | CVE-2021-35584 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: ndbcluster/plugin DDL). | 4.3 |
| 2021-10-19 | CVE-2021-37136 | Resource Exhaustion vulnerability in multiple products The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). | 7.5 |
| 2021-10-19 | CVE-2021-37137 | Resource Exhaustion vulnerability in multiple products The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. | 7.5 |
| 2021-10-19 | CVE-2021-27001 | Unspecified vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | 5.5 |
| 2021-10-15 | CVE-2020-4951 | Information Exposure vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information. | 3.3 |
| 2021-10-15 | CVE-2021-29679 | Code Injection vulnerability in multiple products IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. | 8.8 |