Netapp Oncommand_unified_manager
74 CVEs affecting Netapp Oncommand_unified_manager. Latest disclosed: 2018-01-21. Critical: 18, High: 23.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-7871 | Critical | 9.8 | 2017-08-07 | Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication. |
CVE-2015-7853 | Critical | 9.8 | 2017-08-07 | The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a… |
CVE-2015-7705 | Critical | 9.8 | 2017-08-07 | The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted re… |
CVE-2017-3167 | Critical | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may l… |
CVE-2016-9841 | Critical | 9.8 | 2017-05-23 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2017-10346 | Critical | 9.6 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u… |
CVE-2017-10285 | Critical | 9.6 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151… |
CVE-2017-10111 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131… |
CVE-2017-10110 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily… |
CVE-2017-10107 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141… |
CVE-2017-10101 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141… |
CVE-2017-10096 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141… |
CVE-2017-10090 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 a… |
CVE-2017-10089 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Eas… |
CVE-2017-10087 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151… |
CVE-2017-10086 | Critical | 9.6 | 2017-08-08 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily expl… |
CVE-2017-9788 | Critical | 9.1 | 2017-07-13 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset bef… |
CVE-2017-10102 | Critical | 9.0 | 2017-08-08 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141… |
CVE-2015-7854 | High | 8.8 | 2017-08-07 | Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a deni… |
CVE-2015-7849 | High | 8.8 | 2017-08-07 | Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code… |