Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-12099 Cross-site Scripting vulnerability in multiple products
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
network
low complexity
grafana netapp CWE-79
6.1
2018-06-07 CVE-2018-3721 lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
network
low complexity
lodash netapp
6.5
2018-05-16 CVE-2018-11212 Divide By Zero vulnerability in multiple products
An issue was discovered in libjpeg 9a and 9d.
6.5
2018-05-07 CVE-2018-1413 Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.
network
low complexity
ibm netapp CWE-79
5.4
2018-04-29 CVE-2018-10547 Cross-site Scripting vulnerability in multiple products
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.
network
low complexity
php canonical debian netapp CWE-79
6.1
2018-04-29 CVE-2018-10545 Information Exposure vulnerability in multiple products
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4.
local
high complexity
php canonical debian netapp CWE-200
4.7
2018-04-19 CVE-2018-2846 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema).
network
low complexity
oracle canonical netapp
4.9
2018-04-19 CVE-2018-2839 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle canonical netapp
4.9
2018-04-19 CVE-2018-2819 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle mariadb canonical debian redhat netapp
6.5
2018-04-19 CVE-2018-2818 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
network
low complexity
oracle canonical debian netapp
4.9