Vulmon
netapp oncommand api services - vulnerabilities and exploits
4
CVSSv2
CVE-2017-8919
NetApp OnCommand API Services prior to 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password information via unspecified vectors.
Netapp Oncommand Api Services
2.1
CVSSv2
CVE-2017-15518
All versions of OnCommand API Services before 2.1 and NetApp Service Level Manager before 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further ac...
Netapp Oncommand Api Services
Netapp Service Level Manager
Netapp Service Level Manager 1.0
7.5
CVSSv2
CVE-2019-14893
A flaw exists in FasterXML jackson-databind in all versions prior to 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping(...
Fasterxml Jackson-databind
Netapp Oncommand Api Services -
Netapp Steelstore Cloud Integrated Storage -
Oracle Goldengate Stream Analytics
6.8
CVSSv2
CVE-2018-14550
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
Libpng Libpng 1.6.35
Oracle Hyperion Infrastructure Technology 11.1.2.6.0
Oracle Mysql Workbench
Netapp Active Iq Unified Manager -
Netapp Oncommand Api Services -
8.3
CVSSv2
CVE-2021-20190
A flaw was found in jackson-databind prior to 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager -
Netapp Oncommand Api Services -
Netapp Oncommand Insight -
Netapp Service Level Manager -
Apache Nifi
Debian Debian Linux 9.0
Oracle Commerce Guided Search And Experience Manager 11.3.2
2.6
CVSSv2
CVE-2021-21295
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request ...
Netty Netty
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Debian Debian Linux 10.0
Quarkus Quarkus
Apache Kudu
Apache Zookeeper 3.5.9
Oracle Communications Cloud Native Core Policy 1.14.0
1 Github repository
7.5
CVSSv2
CVE-2021-22931
Node.js prior to 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijac...
Nodejs Node.js
Netapp Active Iq Unified Manager -
Netapp Nextgen Api -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Oracle Mysql Cluster
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
7.5
CVSSv2
CVE-2020-8840
FasterXML jackson-databind 2.0.0 up to and including 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Steelstore Cloud Integrated Storage -
Huawei Oceanstor 9000 Firmware V300r006c20
Huawei Oceanstor 9000 Firmware V300r006c20spc100
Huawei Oceanstor 9000 Firmware V300r006c20spc200
Huawei Oceanstor 9000 Firmware V300r006c20spc300
Oracle Global Lifecycle Management Opatch
7 Github repositories
5
CVSSv2
CVE-2020-11612
The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
Netty Netty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Oncommand Api Services -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2
Oracle Communications Design Studio 7.4.2
Oracle Nosql Database
Oracle Siebel Core - Server Framework
7.5
CVSSv2
CVE-2019-17267
A Polymorphic Typing issue exists in FasterXML jackson-databind prior to 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.
Fasterxml Jackson-databind
Netapp Active Iq Unified Manager
Netapp Oncommand Api Services -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Customer Management And Segmentation Foundation
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Retail Customer Management And Segmentation Foundation 17.0