Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp element software management node - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-24329
An issue in the urllib.parse component of Python prior to 3.11.4 allows malicious users to bypass blocklisting methods by supplying a URL that starts with blank characters.
Python Python
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
1 Github repository
7.5
CVSSv3
CVE-2022-45061
An issue exists in Python prior to 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames...
Python Python 3.11.0
Python Python
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Element Software -
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp E-series Performance Analyzer -
Netapp Management Services For Element Software -
Netapp Bootstrap Os -
3.7
CVSSv3
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
Haxx Curl
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Debian Debian Linux 10.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2022-37434
zlib up to and including 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may...
Zlib Zlib
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Debian Debian Linux 10.0
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Management Services For Element Software -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Apple Macos
Apple Iphone Os
Apple Watchos
Apple Ipados
Stormshield Stormshield Network Security
3 Github repositories
2.7
CVSSv3
CVE-2022-2047
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenar...
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapcenter -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Element Plug-in For Vcenter Server -
Netapp Management Services For Element Software And Netapp Hci -
7.5
CVSSv3
CVE-2022-2048
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no eno...
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapcenter -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Element Plug-in For Vcenter Server -
Netapp Management Services For Element Software And Netapp Hci -
Jenkins Jenkins
4.3
CVSSv3
CVE-2022-32205
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requ...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc626-2c Firmware
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc646-2c Firmware
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
6.5
CVSSv3
CVE-2022-32206
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, a...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc626-2c Firmware
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc646-2c Firmware
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2022-32207
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the t...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.9
CVSSv3
CVE-2022-32208
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »
Vulmon