Vulnerabilities > Netapp > Storage Automation Store

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-3062 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached).
network
high complexity
oracle netapp canonical
5.3
5.3
2018-07-18 CVE-2018-3061 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
network
low complexity
oracle netapp canonical
4.9
4.9
2018-07-18 CVE-2018-3060 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical mariadb
6.5
6.5
2018-07-18 CVE-2018-3058 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: MyISAM).
network
low complexity
oracle netapp canonical debian mariadb redhat
4.3
4.3
2018-07-18 CVE-2018-3056 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges).
network
low complexity
oracle netapp canonical
4.3
4.3
2018-07-18 CVE-2018-3054 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
network
low complexity
oracle netapp canonical
4.9
4.9
2018-07-05 CVE-2018-8026 XXE vulnerability in multiple products
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file).
local
low complexity
apache netapp CWE-611
5.5
5.5
2018-06-26 CVE-2018-12882 Use After Free vulnerability in multiple products
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing.
network
low complexity
php canonical netapp CWE-416
critical
 9.8
9.8
2018-06-18 CVE-2018-1333 Resource Exhaustion vulnerability in multiple products
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service.
network
low complexity
apache redhat canonical netapp CWE-400
7.5
7.5
2018-05-16 CVE-2018-8014 Insecure Default Initialization of Resource vulnerability in multiple products
The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins.
network
low complexity
apache canonical debian netapp CWE-1188
critical
 9.8
9.8