Oncommand balance
This hub aggregates every CVE we track for Oncommand balance, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
83
CVEs tracked
20
Critical
24
High
7
In CISA KEV
Severity distribution
MEDIUM35HIGH24CRITICAL20LOW4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Oncommand balance.
- CVE-2017-3140An error processing RPZ rules can cause named to loop endlessly after handling a query3.7
- CVE-2017-3138named exits with a REQUIRE assertion failure if it receives a null command string on its control channel6.5
- CVE-2017-3136An error handling synthesized records could cause an assertion failure when using DNS64 with "break-dnssec yes;"5.9
- CVE-2017-3137A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME7.5
- CVE-2017-7525A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the malicio...9.8
- CVE-2017-15095A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously cra...9.8
- CVE-2017-15707In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.6.2
- CVE-2016-8610A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remo...7.5
- CVE-2017-10357Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedd...5.3
- CVE-2017-10356Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Em...6.2
- CVE-2017-10355Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE ...5.3
- CVE-2017-10286Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit ...4.4
- CVE-2017-10268Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earli...4.1
- CVE-2017-10384Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.57 and earlier 5.6.37 and earlier 5.7.19 and earlier. Easily ex...6.5
- CVE-2017-10285Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144....9.6
Product normalization is registry-driven with AI assist and human review. How it works