Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product Oncommand Workflow Automation
Total 626 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-10384 5 Debian, Mariadb, Netapp and 2 more 17 Debian Linux, Mariadb, Active Iq Unified Manager and 14 more 2024-02-04 4.0 MEDIUM 6.5 MEDIUM
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2016-1894 1 Netapp 1 Oncommand Workflow Automation 2024-02-04 9.3 HIGH 8.1 HIGH
NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors.
CVE-2016-9843 10 Apple, Canonical, Debian and 7 more 24 Iphone Os, Mac Os X, Tvos and 21 more 2024-02-04 7.5 HIGH 9.8 CRITICAL
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
CVE-2016-9841 9 Apple, Canonical, Debian and 6 more 39 Iphone Os, Mac Os X, Tvos and 36 more 2024-02-04 7.5 HIGH 9.8 CRITICAL
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2017-5645 4 Apache, Netapp, Oracle and 1 more 79 Log4j, Oncommand Api Services, Oncommand Insight and 76 more 2024-02-04 7.5 HIGH 9.8 CRITICAL
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
CVE-2015-3292 1 Netapp 1 Oncommand Workflow Automation 2024-02-04 10.0 HIGH N/A
The installer in NetApp OnCommand Workflow Automation before 2.2.1P1 and 3.x before 3.0P1 sets up the Java Debugging Wire Protocol (JDWP) service, which allows remote attackers to execute arbitrary code via unspecified vectors.