Vulnerabilities > Netapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-2923 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). | 5.3 |
| 2019-10-16 | CVE-2019-2922 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). | 5.3 |
| 2019-10-16 | CVE-2019-2914 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). | 6.5 |
| 2019-10-09 | CVE-2019-5507 | Unspecified vulnerability in Netapp Snapmanager SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. | 5.5 |
| 2019-10-09 | CVE-2019-5506 | Improper Certificate Validation vulnerability in Netapp Clustered Data Ontap Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks. | 5.9 |
| 2019-09-26 | CVE-2019-10092 | Cross-site Scripting vulnerability in multiple products In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. | 6.1 |
| 2019-09-24 | CVE-2019-5094 | Out-of-bounds Write vulnerability in multiple products An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. | 6.7 |
| 2019-09-17 | CVE-2019-4342 | Cross-site Scripting vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. | 5.4 |
| 2019-09-16 | CVE-2019-11184 | Race Condition vulnerability in multiple products A race condition in specific microprocessors using Intel (R) DDIO cache allocation and RDMA may allow an authenticated user to potentially enable partial information disclosure via adjacent access. | 4.8 |
| 2019-09-10 | CVE-2019-5503 | Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Workflow Automation 5.0 OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 5.3 |