threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netapp oncommand api services
Product
netapp oncommand api services
19 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-21409
all versions
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high perfor
5.9
MEDIUM
CVE-2021-21295
all versions
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high perfor
5.9
MEDIUM
CVE-2021-20190
all versions
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typin
8.1
HIGH
CVE-2020-25649
all versions
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerab
7.5
HIGH
CVE-2020-10683
all versions
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. H
9.8
CRITICAL
CVE-2020-11612
all versions
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An a
7.5
HIGH
CVE-2019-14893
all versions
A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic de
9.8
CRITICAL
CVE-2020-8840
all versions
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.p
9.8
CRITICAL
CVE-2019-20330
all versions
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
9.8
CRITICAL
CVE-2019-17359
all versions
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMe
7.5
HIGH
CVE-2019-17267
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.E
9.8
CRITICAL
CVE-2019-16943
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (eith
9.8
CRITICAL
CVE-2019-16942
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (eith
9.8
CRITICAL
CVE-2019-16335
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDa
9.8
CRITICAL
CVE-2019-14540
all versions
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariCo
9.8
CRITICAL
CVE-2018-14550
all versions
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the func
8.8
HIGH
CVE-2017-15518
<= 2.0
All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database use
7.8
HIGH
CVE-2017-8919
<= 1.2
NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which al
6.5
MEDIUM
CVE-2017-5645
all versions
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from anot
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin