Netapp Oncommand_workflow_automation
57 CVEs affecting Netapp Oncommand_workflow_automation. Latest disclosed: 2023-10-18. Critical: 8, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-38545 | Critical | 9.8 | 2023-10-18 | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow t… |
CVE-2019-17571 | Critical | 9.8 | 2019-12-20 | Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code… |
CVE-2019-11068 | Critical | 9.8 | 2019-04-10 | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error… |
CVE-2016-9843 | Critical | 9.8 | 2017-05-23 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calcula… |
CVE-2016-9841 | Critical | 9.8 | 2017-05-23 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2017-5645 | Critical | 9.8 | 2017-04-17 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially… |
CVE-2017-10346 | Critical | 9.6 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u… |
CVE-2017-10285 | Critical | 9.6 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151… |
CVE-2016-1894 | High | 8.1 | 2017-02-07 | NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass authentication via unspecified vectors. |
CVE-2021-22926 | High | 7.5 | 2021-08-05 | libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with th… |
CVE-2016-8610 | High | 7.5 | 2017-11-13 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets… |
CVE-2017-10388 | High | 7.5 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161… |
CVE-2017-10309 | High | 7.1 | 2017-10-19 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u144 and 9. Easily expl… |
CVE-2017-10274 | Medium | 6.8 | 2017-10-19 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 a… |
CVE-2019-16168 | Medium | 6.5 | 2019-09-09 | In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field… |
CVE-2017-10384 | Medium | 6.5 | 2017-10-19 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and… |
CVE-2017-10379 | Medium | 6.5 | 2017-10-19 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.3… |
CVE-2017-10378 | Medium | 6.5 | 2017-10-19 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6… |
CVE-2017-10356 | Medium | 6.2 | 2017-10-19 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE… |
CVE-2017-10293 | Medium | 6.1 | 2017-10-19 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9… |