Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2016-6904 | Versions of VASA Provider for Clustered Data ONTAP prior to 7.0P1 contain a web server that accepts plain text authentication. This could allow an unauthenticated attacker to obtain authentication credentials. | 8.1 | 1.18% | 2017-12-11 | 2026-06-16 |
| CVE-2017-11461 | NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which could be used to cause a user to perform an unintended action in the user interface. | 4.3 | 1.02% | 2017-11-09 | 2026-06-16 |
| CVE-2017-15514 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | N/A | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2017-15515 | NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. | 4.8 | 0.69% | 2019-03-04 | 2026-06-16 |
| CVE-2017-15516 | NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used to cause an unintended authenticated action in the user interface. | 8.8 | 0.56% | 2017-11-16 | 2026-06-16 |
| CVE-2017-15517 | AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move to a fixed version and change passwords used by Veritas NetBackup to access the OST shares on the NetApp AltaVault as a precaution. | 5.5 | 0.37% | 2017-11-16 | 2026-06-16 |
| CVE-2017-15518 | All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. All users are urged to move to a fixed version. Since the affected password is changed during every upgrade/installation no further action is required. | 7.8 | 0.34% | 2018-02-23 | 2026-06-16 |
| CVE-2017-15519 | Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. All users are urged to move to version 3.0.1 and perform the mitigation steps or upgrade to 4.0 following the product documentation. | 7.2 | 1.20% | 2018-03-06 | 2026-06-16 |
| CVE-2017-15520 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | N/A | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15521 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | N/A | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15522 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | N/A | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-15523 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none | N/A | 0.27% | 2018-01-18 | 2023-11-06 |
| CVE-2017-7568 | NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface. | 5.3 | 1.37% | 2018-06-22 | 2026-06-16 |
| CVE-2018-5480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | N/A | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2018-5481 | OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks. | 7.4 | 0.65% | 2019-01-07 | 2026-06-16 |
| CVE-2018-5482 | NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel. | 5.3 | 0.93% | 2019-03-04 | 2026-06-16 |
| CVE-2018-5483 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | N/A | 0.04% | 2022-08-25 | 2023-11-06 |
| CVE-2018-5484 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | N/A | 0.24% | 2020-05-08 | 2023-11-06 |
| CVE-2018-5485 | NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. | 7.8 | 0.41% | 2018-05-24 | 2026-06-16 |
| CVE-2018-5486 | NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. | 7.8 | 0.40% | 2018-04-25 | 2026-06-16 |