CVSS: 4.9EPSS: 0%CPEs: 7EXPL: 0CVE-2018-3212
https://notcve.org/view.php?id=CVE-2018-3212
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Information Schema). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/105607 http://www.securitytracker.com/id/1041888 https://security.netapp.com/advisory/ntap-20181018-0002 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5485
https://notcve.org/view.php?id=CVE-2018-5485
NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. NetApp OnCommand Unified Manager for Windows, de la versión 7.2 a la 7.3, es susceptible a una vulnerabilidad que podría conducir a un ataque de escalado de privilegios. • https://security.netapp.com/advisory/ntap-20180523-0002 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5487
https://notcve.org/view.php?id=CVE-2018-5487
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. NetApp OnCommand Unified Manager for Linux, de la versión 7.2 hasta la 7.3, se distribuye con el servicio Java Management Extension Remote Method Invocation (JMX RMI) enlazado a la red y es susceptible a la ejecución remota de código sin autenticación. • https://security.netapp.com/advisory/ntap-20180523-0001 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-5486
https://notcve.org/view.php?id=CVE-2018-5486
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. NetApp OnCommand Unified Manager for Linux, de la versión 7.2 a la 7.3, se distribuye con el protocolo Java Debug Wire Protocol (JDWP) habilitado, lo que permite que atacantes locales no autorizados ejecuten código arbitrario. • https://security.netapp.com/advisory/ntap-20180425-0001 • CWE-306: Missing Authentication for Critical Function •
CVSS: 8.3EPSS: 0%CPEs: 25EXPL: 0CVE-2018-2826 – Oracle Java MethodHandles tryFinally Type Confusion Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2018-2826
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.securityfocus.com/bid/103796 http://www.securitytracker.com/id/1040697 https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 https://security.netapp.com/advisory/ntap-20180419-0001 https://usn.ubuntu.com/3747-1 •