Netapp

Oncommand Balance

83 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.1

CVE-2017-10268

  • EPSS 0.04%
  • Published 19.10.2017 17:29:01
  • Last modified 20.04.2025 01:37:25

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high pr...

9

CVE-2016-4461

  • EPSS 2.63%
  • Published 16.10.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785.

8.1

CVE-2017-12617

Warning Exploit
  • EPSS 94.37%
  • Published 04.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload ...

8.1

CVE-2017-12615

Warning Exploit
  • EPSS 94.36%
  • Published 19.09.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP...

8.1

CVE-2017-9805

Warning Exploit
  • EPSS 94.39%
  • Published 15.09.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing X...

6.5

CVE-2017-10243

  • EPSS 0.95%
  • Published 08.08.2017 15:29:07
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulne...

6.8

CVE-2017-10198

  • EPSS 0.34%
  • Published 08.08.2017 15:29:05
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit v...

3.1

CVE-2017-10193

  • EPSS 0.55%
  • Published 08.08.2017 15:29:05
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthen...

7.5

CVE-2017-10176

  • EPSS 1.77%
  • Published 08.08.2017 15:29:05
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerabil...

5.9

CVE-2017-10135

  • EPSS 0.34%
  • Published 08.08.2017 15:29:04
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulner...