Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2021-06-02 CVE-2021-3522 Out-of-bounds Read vulnerability in multiple products
GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
local
low complexity
gstreamer-project netapp oracle CWE-125
5.5
5.5
2021-06-02 CVE-2021-3530 Uncontrolled Recursion vulnerability in multiple products
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36.
network
low complexity
gnu netapp CWE-674
7.5
7.5
2021-06-02 CVE-2021-3520 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in lz4.
network
low complexity
lz4-project netapp oracle splunk CWE-190
critical
 9.8
9.8
2021-06-02 CVE-2020-10771 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. 		5.8
5.8
2021-06-02 CVE-2020-14326 A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes.
network
low complexity
redhat netapp
5.0
5.0
2021-06-01 CVE-2019-4471 Missing Encryption of Sensitive Data vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for a sensitive cookie in an HTTPS session.
network
low complexity
ibm netapp CWE-311
4.0
4.0
2021-06-01 CVE-2019-4653 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting.
network
ibm netapp CWE-79
3.5
3.5
2021-06-01 CVE-2019-4722 Improper Handling of Exceptional Conditions vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain sensitive information via a stack trace due to mishandling of certain error conditions.
network
low complexity
ibm netapp CWE-755
4.0
4.0
2021-06-01 CVE-2019-4723 Insufficiently Protected Credentials vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Data Server Connection page.
network
low complexity
ibm netapp CWE-522
5.0
5.0
2021-06-01 CVE-2019-4724 Insufficiently Protected Credentials vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page.
network
low complexity
ibm netapp CWE-522
5.0
5.0