netapp
2,512 tracked vulnerabilities.
CVE-2017-10090
CRITICAL
Oracle Java SE <8u131 - Info Disclosure
Aug 08, 2017
CVSS 9.6
EPSS 0.03
CVE-2017-10089
CRITICAL
Oracle JDK 6u151, 7u141, 8u131 - Remote Code Execution via ImageIO
Aug 08, 2017
CVSS 9.6
EPSS 0.02
CVE-2017-10087
CRITICAL
Oracle Java SE <8u131 - Info Disclosure
Aug 08, 2017
CVSS 9.6
EPSS 0.03
CVE-2017-10086
CRITICAL
Oracle JDK 7u141 and 8u131 - Unauthenticated Remote Code Execution via JavaFX
Aug 08, 2017
CVSS 9.6
EPSS 0.02
CVE-2017-10081
MEDIUM
Oracle Java SE <8u131 - Unauthenticated RCE
Aug 08, 2017
CVSS 4.3
EPSS 0.02
CVE-2017-10078
HIGH
Oracle JDK 8u131 - Authenticated Data Manipulation and Unauthorized Data Access via Scripting Component
Aug 08, 2017
CVSS 8.1
EPSS 0.02
CVE-2017-10074
HIGH
Oracle Java SE <8u131 - Info Disclosure
Aug 08, 2017
CVSS 8.3
EPSS 0.03
CVE-2017-10067
HIGH
Oracle JDK 6u151, 7u141, 8u131 - Unauthenticated Remote Code Execution via Multiple Protocols
Aug 08, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-10053
MEDIUM
Oracle JDK 6u151, 7u141, 8u131; Java SE Embedded 8u131; JRockit R28.3.14 - DoS in 2D Component
Aug 08, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-8919
MEDIUM
NetApp OnCommand API Services <1.2P3 - Info Disclosure
Jul 25, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-7947
MEDIUM
NetApp Clustered Data ONTAP Password Exposure via Command-Line Logging
Jul 17, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-9788
CRITICAL
Apache httpd <2.2.34 & 2.4.x <2.4.27 - Info Disclosure
Jul 13, 2017
CVSS 9.1
EPSS 0.57
CVE-2017-11147
CRITICAL
PHP < 5.6.30 and 7.x < 7.0.15 - Out-of-bounds Read in PHAR Archive Handler
Jul 10, 2017
CVSS 9.1
EPSS 0.05
CVE-2017-7668
HIGH
Apache HTTP Server 2.2.32-2.4.24 - Out-of-bounds Read via Token List Parsing
Jun 20, 2017
CVSS 7.5
EPSS 0.57
CVE-2017-3167
CRITICAL
Apache HTTP Server 2.2.0-2.2.32 - Authentication Bypass via ap_get_basic_auth_pw()
Jun 20, 2017
CVSS 9.8
EPSS 0.20
CVE-2017-7439
HIGH
NetApp OnCommand Unified Manager Core Package 5.x - Exposure of Sensitive Information via Error Messages
May 26, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-7236
HIGH
NetApp OnCommand Unified Manager Core Package <5.2.2P1 - SQL Injection
May 26, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-9119
CRITICAL
PHP 7.1.5 - Denial of Service via Crafted Array Operations
May 21, 2017
CVSS 9.8
EPSS 0.04
CVE-2017-9078
HIGH
Dropbear SSH < 2017.75 - Authenticated Remote Code Execution via Double Free in TCP Listener Cleanup
May 19, 2017
CVSS 8.8
EPSS 0.05
CVE-2017-5645
CRITICAL
NUCLEI
Apache Log4j 2.0-2.8.1 - Remote Code Execution via Untrusted Data Deserialization
Apr 17, 2017
CVSS 9.8
EPSS 0.89
CVE-2017-7345
MEDIUM
NetApp Clustered Data ONTAP < 7.1 - Unauthenticated Exposure of Sensitive Information via JMX RMI
Apr 10, 2017
CVSS 5.3
EPSS 0.02
CVE-2017-5988
HIGH
NetApp Clustered Data ONTAP 8.1-9.1P1 - Denial of Service via NFS or SMB
Apr 10, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-5638
CRITICAL
KEVNUCLEI
Apache Struts 2.3.x < 2.3.32 and 2.5.x < 2.5.10.1 - Remote Code Execution via Jakarta Multipart Parser
Mar 11, 2017
CVSS 9.8
EPSS 1.00
CVE-2017-5995
HIGH
NetApp ONTAP Select Deploy Administration Utility 2.0-2.2.1 - Exposure of Sensitive Information
Mar 01, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-5600
CRITICAL
NetApp OnCommand Insight < 7.2.3 - Use of Hard-coded Credentials in Data Warehouse
Feb 02, 2017
CVSS 9.8
EPSS 0.02
Products
oncommand_insight 971
active_iq_unified_manager 848
oncommand_workflow_automation 743
snapcenter 575
cloud_backup 345
h700s_firmware 290
h300s_firmware 289
h410s_firmware 289
h500s_firmware 289
e-series_santricity_os_controller 242
h410c_firmware 237
steelstore_cloud_integrated_storage 211
solidfire 192
clustered_data_ontap 187
hci_management_node 182
snapmanager 180
ontap_select_deploy_administration_utility 179
oncommand_unified_manager 169
h700e_firmware 149
h300e_firmware 148
h500e_firmware 148
e-series_santricity_storage_manager 140
storage_automation_store 113
solidfire_\&_hci_management_node 103
element_software 100
e-series_santricity_web_services 99
oncommand_balance 83
santricity_unified_manager 77
7-mode_transition_tool 75
oncommand_performance_manager 73
Quick Filters