Search Results (2513 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-7974 5 Debian, Netapp, Ntp and 2 more 9 Debian Linux, Clustered Data Ontap, Oncommand Balance and 6 more 2025-04-12 7.7 High
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
CVE-2016-7171 1 Netapp 1 Netapp Plug-in 2025-04-12 N/A
NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.
CVE-2015-8960 7 Apple, Google, Ietf and 4 more 18 Safari, Chrome, Transport Layer Security and 15 more 2025-04-12 8.1 High
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
CVE-2016-7172 1 Netapp 1 Snap Creator Framework 2025-04-12 N/A
NetApp Snap Creator Framework before 4.3.1 discloses sensitive information which could be viewed by an unauthorized user.
CVE-2015-7886 1 Netapp 1 Data Ontap 2025-04-12 N/A
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.
CVE-2014-9354 1 Netapp 1 Oncommand Balance 2025-04-12 N/A
NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.
CVE-2016-5047 1 Netapp 1 Oncommand System Manager 2025-04-12 N/A
NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
CVE-2024-20998 2 Netapp, Oracle 6 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 3 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21060 2 Netapp, Oracle 5 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 2 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Data Dictionary). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21054 2 Netapp, Oracle 5 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 2 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21053 3 Netapp, Oracle, Redhat 6 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 3 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21052 3 Netapp, Oracle, Redhat 6 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 3 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-21492 2 Netapp, Oracle 4 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 1 more 2025-04-09 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2022-41858 3 Linux, Netapp, Redhat 8 Linux Kernel, Hci Baseboard Management Controller, Enterprise Linux and 5 more 2025-04-07 7.1 High
A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
CVE-2024-21051 3 Netapp, Oracle, Redhat 7 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 4 more 2025-03-29 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21003 2 Netapp, Oracle 9 Active Iq Unified Manager, Data Infrastructure Insights Acquisition Unit, Data Infrastructure Insights Storage Workload Security Agent and 6 more 2025-03-29 3.1 Low
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
CVE-2023-5679 4 Fedoraproject, Isc, Netapp and 1 more 5 Fedora, Bind, Active Iq Unified Manager and 2 more 2025-03-29 7.5 High
A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
CVE-2024-21050 3 Netapp, Oracle, Redhat 7 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 4 more 2025-03-28 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21062 2 Netapp, Oracle 6 Active Iq Unified Manager, Oncommand Insight, Oncommand Workflow Automation and 3 more 2025-03-28 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2024-21993 1 Netapp 1 Snapcenter 2025-03-27 5.7 Medium
SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials.