netapp

2,510 tracked vulnerabilities.

CVE-2020-10673 HIGH
FasterXML jackson-databind <2.9.10.4 - Code Injection
Mar 18, 2020
CVSS 8.8
EPSS 0.20
CVE-2020-10672 HIGH
FasterXML jackson-databind <2.9.10.4 - Code Injection
Mar 18, 2020
CVSS 8.8
EPSS 0.39
CVE-2020-7919 HIGH
Go <1.12.16, <1.13.7 - Info Disclosure
Mar 16, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-8571 HIGH
StorageGRID <11.2.0.8-11.3.0.4 - DoS
Mar 13, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-9402 HIGH NUCLEI
Django 1.11-1.11.28, 2.2-2.2.10, 3.0-3.0.3 - SQL Injection via GIS Tolerance Parameter
Mar 05, 2020
CVSS 8.8
EPSS 0.88
CVE-2020-10029 MEDIUM
glibc < 2.32 - Out-of-bounds Write in Long Double Range Reduction
Mar 04, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-9548 CRITICAL NUCLEI
jackson-databind 2.0.0-2.7.9.7 - Deserialization of Untrusted Data via anteros-core Gadget
Mar 02, 2020
CVSS 9.8
EPSS 0.58
CVE-2020-9547 CRITICAL NUCLEI
jackson-databind 2.0.0-2.7.9.7 - Deserialization of Untrusted Data via com.ibatis.sqlmap Gadget
Mar 02, 2020
CVSS 9.8
EPSS 0.38
CVE-2020-9546 CRITICAL
jackson-databind 2.7.0-2.7.9.6 - Deserialization of Untrusted Data via HikariConfig Gadget
Mar 02, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-9391 MEDIUM
Linux Kernel 5.4-5.5.6 - Out-of-bounds Write via brk System Call
Feb 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-9383 HIGH
Linux Kernel 3.16-5.5.6 - Out-of-bounds Read in Floppy Disk Driver
Feb 25, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-1938 CRITICAL KEVNUCLEI
Apache Tomcat 7.0.0-7.0.99, 8.5.0-8.5.50, 9.0.0.M1-9.0.0.30 - Remote Code Execution via AJP File Read and JSP Processing
Feb 24, 2020
CVSS 9.8
EPSS 0.94
CVE-2020-1935 MEDIUM
Apache Tomcat 7.0.0-7.0.99, 8.5.0-8.5.50, 9.0.0.M1-9.0.30 - HTTP Request Smuggling via Invalid Transfer-Encoding Header
Feb 24, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-9327 HIGH
Sqlite < 1.0.1.1 - NULL Pointer Dereference
Feb 21, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-4135 HIGH
IBM DB2 9.7, 10.1, 10.5, 11.1, 11.5 - Unauthenticated Denial of Service via Crafted Packets
Feb 19, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-8992 MEDIUM
Linux Kernel < 5.5.3 - Denial of Service via Crafted Journal Size
Feb 14, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-8840 CRITICAL
FasterXML Jackson-Databind <2.9.10.2 - RCE
Feb 10, 2020
CVSS 9.8
EPSS 0.08
CVE-2020-8648 HIGH
Linux kernel <5.5.2 - Use After Free
Feb 06, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-7595 HIGH
libxml2 2.9.10 - Denial of Service via Infinite Loop in xmlStringLenDecodeEntities
Jan 21, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-5398 HIGH
Spring Framework 5.0.0-5.0.15, 5.1.0-5.1.12, 5.2.0-5.2.2 - Reflected File Download via Content-Disposition Header
Jan 17, 2020
CVSS 7.5
EPSS 0.90
CVE-2020-2694 LOW
Oracle MySQL <8.0.18 - Info Disclosure
Jan 15, 2020
CVSS 3.1
EPSS 0.00
CVE-2020-2686 MEDIUM
MySQL Server < 8.0.18 - Authenticated Denial of Service in Optimizer
Jan 15, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-2679 MEDIUM
MySQL Server <= 8.0.18 - Authenticated Denial of Service in Optimizer
Jan 15, 2020
CVSS 4.9
EPSS 0.00
CVE-2020-2660 MEDIUM
MySQL Server <= 5.7.28 and <= 8.0.18 - Authenticated Denial of Service in Optimizer
Jan 15, 2020
CVSS 4.9
EPSS 0.00
CVE-2020-2659 LOW
Oracle JDK 7u241 and 8u231 - Unauthenticated Partial Denial of Service via Networking Component
Jan 15, 2020
CVSS 3.7
EPSS 0.00
Products
oncommand_insight 971 active_iq_unified_manager 848 oncommand_workflow_automation 743 snapcenter 575 cloud_backup 345 h700s_firmware 289 h300s_firmware 288 h410s_firmware 288 h500s_firmware 288 e-series_santricity_os_controller 242 h410c_firmware 236 steelstore_cloud_integrated_storage 211 solidfire 192 clustered_data_ontap 187 hci_management_node 182 snapmanager 180 ontap_select_deploy_administration_utility 179 oncommand_unified_manager 169 h700e_firmware 149 h300e_firmware 148 h500e_firmware 148 e-series_santricity_storage_manager 140 storage_automation_store 113 solidfire_\&_hci_management_node 103 element_software 100 e-series_santricity_web_services 99 oncommand_balance 83 santricity_unified_manager 77 7-mode_transition_tool 75 oncommand_performance_manager 73
Quick Filters
Critical CVEs With Exploits In CISA KEV