VIR Vulnerability Intelligence Relay

Search

Found 96 results in 52ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-26465 medium 6.8 6.8 FIX rhel rocky sles openbsdnetappredhat 1y ago A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
CVE-2024-21262 medium 6.5 6.5 netapporacle 2y ago Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthent…
CVE-2024-34397 medium 5.2 5.2 FIX rhel rockydebian debian gnomenetapp 2y ago RHSA-2025:11327: glib2 security update (Moderate)
CVE-2024-33600 medium 5.9 5.9 FIX rhel rockydebian debian gnunetapp 2y ago RHSA-2024:3344: glibc security update (Important)
CVE-2023-27043 medium 5.3 5.3 FIX rhel rocky sles netapppython 2y ago The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In …
CVE-2023-25136 medium 6.5 6.5 FIX arch arch rheldebian debian openbsdnetapp 3y ago OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote a…
CVE-2023-21968 low 3.7 3.7 FIX rhel rocky sles oraclenetapp 3y ago RHSA-2023:4103: java-1.8.0-ibm security update (Important)
CVE-2022-39399 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-21626 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21624 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21619 low 3.7 3.7 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2023:0128: java-1.8.0-ibm security update (Moderate)
CVE-2022-21618 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:7012: java-11-openjdk security and bug fix update (Moderate)
CVE-2022-21549 medium 5.3 5.3 FIX rhel sles rocky oracleazulnetapp 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-21540 medium 5.3 5.3 FIX rhel sles rocky oraclenetappazul 4y ago RHSA-2022:5726: java-17-openjdk security, bug fix, and enhancement update (Important)
CVE-2022-27774 medium 5.7 5.7 FIX rhelarch archdebian debian haxxnetappsplunk 4y ago An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is …
CVE-2019-13118 medium 5.3 5.3 FIX slesdebian debiansuse suse xmlsoftnetapporacle 4y ago In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, …
CVE-2022-21366 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21360 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21341 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21340 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21305 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21299 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21296 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21294 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21293 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)
CVE-2022-21291 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2022-21283 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21282 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0307: java-1.8.0-openjdk security and bug fix update (Moderate)
CVE-2022-21277 medium 5.3 5.3 FIX sles rockydebian debian oraclenetapp 4y ago RHSA-2022:0185: java-11-openjdk security update (Moderate)
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2021-35556 medium 5.3 5.3 FIX arch arch sles rocky oraclenetapp 5y ago RHSA-2022:0345: java-1.8.0-ibm security update (Important)
CVE-2016-20012 medium 5.3 5.3 FIX slesarch archdebian debian openbsdnetapp 5y ago OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occu…
CVE-2021-22897 medium 5.3 5.3 FIX arch archdebian debian haxxoraclenetapp 5y ago curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The s…
CVE-2021-3522 medium 5.5 5.5 FIX debian debian sles gstreamernetapporacle 5y ago GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.
CVE-2019-16168 medium 6.5 6.5 FIX rocky slesdebian debian sqlitenetapptenable 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-1971 medium 5.9 5.9 FIX arch arch slesdebian debian openssloraclenetapp 6y ago RHSA-2020:5476: openssl security and bug fix update (Important)
CVE-2019-15213 medium 4.6 4.6 FIX slesdebian debian linux-kernel netapp 7y ago An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-7317 medium 5.3 5.3 FIX arch arch slesdebian debian libpngoraclehp 7y ago png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
CVE-2019-6109 medium 6.8 6.8 FIX arch arch slesubuntu ubuntu openbsdwinscpnetapp 7y ago An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the…
CVE-2017-5753 medium 5.6 6.6 EXPFIX arch arch slesdebian debian inteloraclesynology 9y ago Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-14583 medium 6.5 6.5 netapp 9y ago NetApp Clustered Data ONTAP versions 9.x prior to 9.1P10 and 9.2P2 are susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in SMB environments.
CVE-2017-15707 medium 6.2 6.2 apachenetapporacle 9y ago Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
CVE-2017-15517 medium 5.5 5.5 netapp 9y ago AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by …
CVE-2017-5201 medium 5.7 5.7 netapp 9y ago NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors, a different vulnerability tha…
CVE-2017-11461 medium 4.3 4.3 netapp 9y ago NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintende…
CVE-2017-15906 medium 5.3 5.3 FIX slesdebian debian rhel openbsdoraclenetapp 9y ago The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
CVE-2010-5312 medium 6.1 6.1 FIX debian debianfedora fedora jqueryuinetappapache 9y ago Cross-site Scripting in jquery-ui
CVE-2017-10384 medium 6.5 6.5 slesdebian debian rhel oraclemariadbnetapp 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily expl…
CVE-2017-10379 medium 6.5 6.5 slesdebian debian rhel oraclemariadbredhat 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Ea…
CVE-2017-10378 medium 6.5 6.5 slesdebian debian rhel oraclemariadbredhat 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.11 and earlier. …
CVE-2017-10365 low 3.8 3.8 sles oraclemariadbnetapp 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high p…
CVE-2017-10357 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded…
CVE-2017-10356 medium 6.2 6.2 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embe…
CVE-2017-10355 medium 5.3 6.3 EXPFIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em…
CVE-2017-10350 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easil…
CVE-2017-10349 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. …
CVE-2017-10348 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u…
CVE-2017-10347 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. …
CVE-2017-10345 low 3.1 3.1 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE…
CVE-2017-10320 medium 4.9 4.9 sles oraclemariadbnetapp 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high p…
CVE-2017-10295 medium 4.0 4.0 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em…
CVE-2017-10293 medium 6.1 6.1 FIX slesdebian debian oraclenetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Javadoc). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Easily exploitable vulnerability allows …
CVE-2017-10286 medium 4.4 4.4 sles oraclenetappmariadb 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vu…
CVE-2017-10281 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE…
CVE-2017-10274 medium 6.8 6.8 FIX slesdebian debian rhel oraclenetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability…
CVE-2017-10268 medium 4.1 4.1 slesdebian debian rhel oracleredhatmariadb 9y ago Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier…
CVE-2016-1895 medium 6.5 6.5 netapp 9y ago NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to cause a denial of service via vectors related to unsafe user input string handling.
CVE-2017-12422 medium 6.5 6.5 netapp 9y ago NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10.4.0.2 allow remote authenticated users to delete arbitrary objects via unspecified vectors.
CVE-2016-6794 medium 5.3 5.3 slesdebian debian rhel apacheredhatnetapp 9y ago System Property Disclosure in Apache Tomcat
CVE-2016-0762 medium 5.9 5.9 slesdebian debian rhel apacheredhatnetapp 9y ago Observable Discrepancy in Apache Tomcat
CVE-2017-10243 medium 6.5 6.5 FIX slesdebian debian rhel netapporacleredhat 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded:…
CVE-2017-10198 medium 6.8 6.8 FIX slesdebian debian rhel oraclephoenixcontactnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedde…
CVE-2017-10193 low 3.1 3.1 FIX slesdebian debian rhel oraclenetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131.…
CVE-2017-10135 medium 5.9 5.9 FIX slesdebian debian rhel oraclephoenixcontactnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u…
CVE-2017-10109 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Em…
CVE-2017-10108 medium 5.3 5.3 FIX slesdebian debian rhel oraclephoenixcontactredhat 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Em…
CVE-2017-10105 medium 4.3 4.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows …
CVE-2017-10081 medium 4.3 4.3 FIX slesdebian debian oraclenetapp 9y ago Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. …
CVE-2017-10053 medium 5.3 5.3 FIX slesdebian debian rhel oracleredhatnetapp 9y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u1…
CVE-2015-7855 medium 6.5 7.5 EXPFIX debian debian ntpnetapp 9y ago The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a l…
CVE-2015-7852 medium 5.9 5.9 FIX debian debian rhel ntpnetapp 9y ago ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
CVE-2015-7850 medium 6.5 6.5 FIX debian debian ntpnetapp 9y ago ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
CVE-2015-7702 medium 6.5 6.5 FIX debian debian rhel ntpnetapp 9y ago The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomple…
CVE-2017-8919 medium 6.5 6.5 netapp 9y ago NetApp OnCommand API Services before 1.2P3 logs the LDAP BIND password when a user attempts to log in using the REST API, which allows remote authenticated users to obtain sensitive password informat…
CVE-2017-7947 medium 6.5 6.5 netapp 9y ago NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to obtain sensitive password information by leveraging logging of passwords entered non-interactively on …
CVE-2017-7345 medium 5.3 5.3 netapp 9y ago NetApp OnCommand Performance Manager and OnCommand Unified Manager for Clustered Data ONTAP before 7.1P1 improperly bind the Java Management Extension Remote Method Invocation (aka JMX RMI) service t…
CVE-2016-5372 medium 6.3 6.3 netapp 9y ago Cross-site request forgery (CSRF) vulnerability in NetApp Snap Creator Framework before 4.3.0P1 allows remote attackers to hijack the authentication of users for requests that have unspecified impact…
CVE-2016-2518 medium 5.3 5.3 FIX slesdebian debian rhel ntpnetapporacle 10y ago The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVE-2015-7977 medium 5.9 5.9 FIX slesdebian debianfedora fedora ntpnetapp 10y ago ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2015-7973 medium 6.5 6.5 FIX slesdebian debianubuntu ubuntu ntpnetapp 10y ago NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2015-8020 low 3.7 3.7 netapp 10y ago Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under certain conditions can be used for unauthorized information disclosure.
CVE-2016-7171 medium 5.6 5.6 netapp 10y ago NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.
CVE-2016-5047 medium 6.5 6.5 netapp 10y ago NetApp OnCommand System Manager 8.3.x before 8.3.2P5 allows remote authenticated users to cause a denial of service via unspecified vectors.
CVE-2016-3064 medium 6.5 6.5 netapp 10y ago NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors.
CVE-2016-7103 medium 6.1 6.1 FIX slesdebian debianfedora fedora jqueryuioraclenetapp 10y ago jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
CVE-2014-9354 medium 4.0 netapp 12y ago NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.