Vulnerabilities > Netapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-21 | CVE-2021-2425 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.0 |
| 2021-07-21 | CVE-2021-2426 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.0 |
| 2021-07-20 | CVE-2021-33910 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. | 5.5 |
| 2021-07-19 | CVE-2021-35043 | Cross-site Scripting vulnerability in multiple products OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). | 6.1 |
| 2021-07-15 | CVE-2021-34429 | For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. | 5.3 |
| 2021-07-15 | CVE-2021-34558 | Improper Certificate Validation vulnerability in multiple products The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic. | 6.5 |
| 2021-07-09 | CVE-2021-3541 | XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. | 4.0 |
| 2021-07-07 | CVE-2021-22555 | Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. | 4.6 |
| 2021-06-30 | CVE-2021-20461 | Exposure of Resource to Wrong Sphere vulnerability in multiple products IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the System Appearance configuration setting. | 4.0 |
| 2021-06-29 | CVE-2021-28691 | Use After Free vulnerability in multiple products Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. | 4.6 |