Vulnerabilities > Netapp > Storage Automation Store > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-3185 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical mariadb
5.5
2018-10-17 CVE-2018-3156 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle canonical debian netapp mariadb
6.5
2018-10-17 CVE-2018-3145 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser).
network
low complexity
oracle netapp
6.5
2018-10-17 CVE-2018-3144 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit).
network
high complexity
oracle netapp canonical
5.9
2018-10-17 CVE-2018-3143 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
network
low complexity
oracle netapp canonical debian mariadb
6.5
2018-10-17 CVE-2018-3137 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
network
low complexity
oracle netapp
6.5
2018-09-25 CVE-2018-11763 In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect.
network
high complexity
apache canonical redhat oracle netapp
5.9
2018-09-16 CVE-2018-17082 Cross-site Scripting vulnerability in multiple products
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
network
low complexity
php debian netapp CWE-79
6.1
2018-08-02 CVE-2018-14851 Out-of-bounds Read vulnerability in multiple products
exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
local
low complexity
php canonical debian netapp CWE-125
5.5
2018-07-18 CVE-2018-3081 Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs).
network
high complexity
oracle netapp canonical debian mariadb redhat
5.0