Vulnerabilities (CVE)

Vendor filter

Netapp Subscribe

Filter

302 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-3067 2 Oracle, Netapp 5 Mysql, Oncommand Insight, Oncommand Workflow Automation and 2 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2018-1258 3 Pivotal Software, Oracle, Netapp 35 Spring Framework, Application Testing Suite, Communications Diameter Signaling Router and 32 more 2019-10-03 6.5
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
CVE-2018-5481 1 Netapp 1 Oncommand Unified Manager 2019-10-03 5.8
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
CVE-2018-3278 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: RBR). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged...
CVE-2018-3144 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 4.3
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Audit). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows unauthenticated...
CVE-2018-3185 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVE-2018-3200 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVE-2018-3693 6 Arm, Intel, Netapp and 3 more 37 Cortex-a, Cortex-r, Atom C and 34 more 2019-10-03 4.7
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis.
CVE-2018-3187 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with...
CVE-2018-3247 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Merge). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged...
CVE-2018-5495 1 Netapp 1 Storagegrid Webscale 2019-10-03 7.5
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
CVE-2018-3063 4 Oracle, Netapp, Canonical and 1 more 7 Mysql, Oncommand Insight, Oncommand Workflow Automation and 4 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.60 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVE-2018-3060 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.22 and prior and 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVE-2018-10546 4 Php, Canonical, Netapp and 1 more 4 Php, Ubuntu Linux, Storage Automation Store and 1 more 2019-10-03 5.0
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
CVE-2018-3061 3 Oracle, Netapp, Canonical 6 Mysql, Oncommand Insight, Oncommand Workflow Automation and 3 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
CVE-2018-3079 2 Oracle, Netapp 5 Mysql, Oncommand Insight, Oncommand Workflow Automation and 2 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
CVE-2017-12422 1 Netapp 1 Storagegrid Webscale 2019-10-03 4.0
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
CVE-2017-15519 1 Netapp 1 Snapcenter Server 2019-10-03 6.4
Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade...
CVE-2018-3137 2 Oracle, Netapp 5 Mysql, Oncommand Insight, Oncommand Workflow Automation and 2 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2018-2816 3 Oracle, Canonical, Netapp 6 Mysql, Ubuntu Linux, Oncommand Insight and 3 more 2019-10-03 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...