Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-19 CVE-2018-2777 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical mariadb
4.0
4.0
2018-04-19 CVE-2018-2771 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking).
network
high complexity
oracle debian canonical mariadb redhat netapp
4.4
4.4
2018-04-19 CVE-2018-2766 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle canonical mariadb debian netapp
6.8
6.8
2018-04-19 CVE-2018-2761 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). 4.3
4.3
2018-04-19 CVE-2018-2759 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical mariadb
4.0
4.0
2018-03-26 CVE-2018-1302 NULL Pointer Dereference vulnerability in multiple products
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory.
network
high complexity
apache canonical netapp CWE-476
5.9
5.9
2018-03-26 CVE-2018-1301 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header.
network
high complexity
apache debian canonical netapp redhat CWE-119
5.9
5.9
2018-03-26 CVE-2018-1283 In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header.
network
high complexity
apache debian canonical netapp redhat
5.3
5.3
2018-03-09 CVE-2016-8612 Improper Input Validation vulnerability in multiple products
Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process.
low complexity
apache redhat netapp CWE-20
4.3
4.3
2018-03-06 CVE-2018-7185 The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.
network
low complexity
ntp synology canonical netapp hpe oracle
5.0
5.0