Snapcenter

DATE	CVE	VULNERABILITY TITLE	RISK
2018-07-18	CVE-2018-3060	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). network low complexity oracle netapp canonical mariadb	6.5
2018-07-18	CVE-2018-3058	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM). network low complexity oracle netapp canonical debian mariadb redhat	4.3
2018-07-18	CVE-2018-3056	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). network low complexity oracle netapp canonical	4.3
2018-07-18	CVE-2018-3054	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). network low complexity oracle netapp canonical	4.9
2018-07-18	CVE-2018-2767	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). network high complexity oracle debian canonical redhat mariadb netapp	3.1
2018-07-05	CVE-2018-8026	XXE vulnerability in multiple products This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). local low complexity apache netapp CWE-611	5.5
2018-06-26	CVE-2017-7658	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. network low complexity eclipse debian oracle hp netapp CWE-444 critical	9.8
2018-06-26	CVE-2017-7657	HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. network low complexity eclipse debian netapp hp oracle CWE-444 critical	9.8
2018-06-22	CVE-2018-12538	Session Fixation vulnerability in multiple products In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore. network low complexity eclipse netapp CWE-384	8.8
2018-05-11	CVE-2018-1258	Incorrect Authorization vulnerability in multiple products Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. network low complexity pivotal-software vmware oracle netapp redhat CWE-863	8.8