Vulnerabilities (CVE)

Vendor filter

Netapp Subscribe

Product filter

Oncommand Workflow Automation Subscribe

Filter

85 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-5503 1 Netapp 1 Oncommand Workflow Automation 2019-09-11 5.0
OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors.
CVE-2019-14379 3 Fasterxml, Netapp, Debian 4 Jackson-databind, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-22 7.5
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used, leading to remote code execution.
CVE-2019-2539 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2019-2536 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 1.2
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the...
CVE-2019-2535 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 1.9
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the...
CVE-2019-2534 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low...
CVE-2019-2533 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2019-2532 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged...
CVE-2019-2531 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high...
CVE-2019-2530 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2019-2481 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high...
CVE-2019-2436 2 Oracle, Netapp 4 Mysql, Oncommand Workflow Automation, Snapcenter and 1 more 2019-08-14 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2019-2434 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2019-2420 3 Oracle, Netapp, Canonical 5 Mysql, Oncommand Workflow Automation, Snapcenter and 2 more 2019-08-14 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with...
CVE-2019-2529 4 Oracle, Netapp, Canonical and 1 more 6 Mysql, Oncommand Workflow Automation, Snapcenter and 3 more 2019-08-06 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low...
CVE-2018-12015 6 Perl, Canonical, Debian and 3 more 9 Perl, Ubuntu Linux, Debian Linux and 6 more 2019-08-06 6.4
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
CVE-2018-1258 3 Pivotal Software, Oracle, Netapp 35 Spring Framework, Application Testing Suite, Communications Diameter Signaling Router and 32 more 2019-07-23 6.5
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
CVE-2018-1000180 5 Bouncycastle, Debian, Netapp and 2 more 18 Fips Java Api, Legion-of-the-bouncy-castle-java-crytography-api, Debian Linux and 15 more 2019-07-23 5.0
Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than...
CVE-2016-8610 4 Openssl, Netapp, Redhat and 1 more 25 Openssl, Clustered Data Ontap Antivirus Connector, Data Ontap and 22 more 2019-07-23 5.0
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL...
CVE-2017-5645 4 Apache, Netapp, Oracle and 1 more 59 Log4j, Oncommand Api Services, Oncommand Insight and 56 more 2019-06-19 7.5
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.