Vulnerabilities > Netapp > Snapcenter

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-3061 Unspecified vulnerability in Oracle Mysql
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle netapp canonical
4.0
2018-07-18 CVE-2018-3060 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical mariadb
5.5
2018-07-18 CVE-2018-3058 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM).
network
low complexity
oracle netapp canonical debian mariadb redhat
4.0
2018-07-18 CVE-2018-3056 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical
4.0
2018-07-18 CVE-2018-3054 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp canonical
4.0
2018-07-18 CVE-2018-2767 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). 3.5
2018-07-05 CVE-2018-8026 XXE vulnerability in multiple products
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file).
local
low complexity
apache netapp CWE-611
2.1
2018-06-26 CVE-2017-7658 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second.
network
low complexity
eclipse debian oracle hp netapp CWE-444
critical
9.8
2018-06-26 CVE-2017-7657 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly.
network
low complexity
eclipse debian netapp hp oracle CWE-444
critical
9.8
2018-06-22 CVE-2018-12538 Session Fixation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.
network
low complexity
eclipse netapp CWE-384
8.8