Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2018-5481 | OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks. | 7.4 | 0.65% | 2019-01-07 | 2026-06-16 |
| CVE-2018-5497 | Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user. | 4.4 | 0.37% | 2019-01-24 | 2026-06-16 |
| CVE-2018-5498 | Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service (DoS) on affected versions of clustered Data ONTAP configured for multiprotocol access. | 4.4 | 1.20% | 2019-02-01 | 2026-06-16 |
| CVE-2018-5499 | ATTO FibreBridge 7500N firmware version 2.95 is susceptible to a vulnerability which allows attackers to cause a Denial of Service (DoS). | 7.5 | 1.32% | 2019-02-12 | 2026-06-16 |
| CVE-2019-5491 | Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 are susceptible to a vulnerability which discloses sensitive information to an unauthenticated user. | 7.5 | 1.90% | 2019-02-27 | 2026-06-16 |
| CVE-2017-15515 | NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scripting vulnerability that could allow a privileged user to inject arbitrary scripts into the custom secondary policy label field. | 4.8 | 0.69% | 2019-03-04 | 2026-06-16 |
| CVE-2018-5482 | NetApp SnapCenter Server prior to 4.1 does not set the secure flag for a sensitive cookie in an HTTPS session which can allow the transmission of the cookie in plain text over an unencrypted channel. | 5.3 | 0.93% | 2019-03-04 | 2026-06-16 |
| CVE-2019-5490 | Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY. | 9.8 | 3.49% | 2019-03-21 | 2026-06-16 |
| CVE-2019-5492 | Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server. | 7.5 | 1.54% | 2019-04-29 | 2026-06-16 |
| CVE-2019-5494 | OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 | 0.70% | 2019-05-10 | 2026-06-16 |
| CVE-2019-5495 | OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 | 1.43% | 2019-05-10 | 2026-06-16 |
| CVE-2019-5496 | Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 | 0.70% | 2019-05-10 | 2026-06-16 |
| CVE-2019-5497 | NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution. | 9.8 | 2.87% | 2019-07-01 | 2026-06-16 |
| CVE-2019-5493 | Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled. | 7.5 | 1.43% | 2019-08-02 | 2026-06-16 |
| CVE-2019-5501 | Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers. | 7.5 | 1.98% | 2019-08-02 | 2026-06-16 |
| CVE-2019-5502 | SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data. | 9.1 | 0.91% | 2019-08-05 | 2026-06-16 |
| CVE-2019-5498 | OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user. | 6.5 | 1.10% | 2019-08-09 | 2026-06-16 |
| CVE-2019-5503 | OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 5.3 | 0.69% | 2019-09-10 | 2026-06-16 |
| CVE-2019-5504 | ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. | 9.8 | 1.97% | 2019-09-24 | 2026-06-16 |
| CVE-2019-5505 | ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | 9.8 | 0.84% | 2019-09-24 | 2026-06-16 |