Netapp

Oncommand Insight

971 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 17.67%
  • Veröffentlicht 19.07.2022 18:15:11
  • Zuletzt bearbeitet 27.05.2026 14:16:39

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Use...

  • EPSS 0.91%
  • Veröffentlicht 24.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:01:46

IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a low level user to obtain sensitive information from the details of the 'Cloud Storage' page for which they should not have access. IBM X-Force ID: 202682.

  • EPSS 1.59%
  • Veröffentlicht 24.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:15

IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 could allow a remote attacker to upload arbitrary files, caused by improper content validation. IBM X-Force ID: 211238.

  • EPSS 0.83%
  • Veröffentlicht 24.06.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:29

IBM Planning Analytics 2.0 and IBM Cognos Analytics 11.2.1, 11.2.0, and 11.1.7 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...

Exploit
  • EPSS 3.45%
  • Veröffentlicht 02.06.2022 14:15:43
  • Zuletzt bearbeitet 21.11.2024 06:56:10

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.

  • EPSS 1.06%
  • Veröffentlicht 24.05.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:56

A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2...

  • EPSS 1.18%
  • Veröffentlicht 24.05.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:01

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw af...

  • EPSS 1.98%
  • Veröffentlicht 12.05.2022 20:15:15
  • Zuletzt bearbeitet 21.11.2024 06:47:42

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model o...

  • EPSS 3.13%
  • Veröffentlicht 12.05.2022 20:15:15
  • Zuletzt bearbeitet 21.11.2024 06:47:43

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.

  • EPSS 83.22%
  • Veröffentlicht 03.05.2022 16:15:18
  • Zuletzt bearbeitet 13.08.2025 14:15:28

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execut...