Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp e-series performance analyzer vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-33587
The css-what package 4.0.0 up to and including 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Css-what Project Css-what 4.0.0
Css-what Project Css-what 5.0.0
Netapp E-series Performance Analyzer -
5
CVSSv2
CVE-2021-33623
The trim-newlines package prior to 3.0.1 and 4.x prior to 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.
Trim-newlines Project Trim-newlines
Netapp E-series Performance Analyzer -
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-32640
ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the `Sec-Websocket-Protocol` header can be used to significantly slow down a ws server. The vulnerability has been fixed in ws@7.4.6 (https://github.com/websockets/ws/commit/00c425e...
Ws Project Ws
Netapp E-series Performance Analyzer -
1 Github repository
7.5
CVSSv2
CVE-2021-23383
The package handlebars prior to 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.
Handlebarsjs Handlebars
Netapp E-series Performance Analyzer -
1 Github repository
7.8
CVSSv2
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
Eclipse Jetty
Oracle Communications Services Gatekeeper 7.0
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Element Manager 8.2.2
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Oracle Rest Data Services
Jenkins Jenkins
Netapp Santricity Cloud Connector -
Netapp E-series Santricity Os Controller
Netapp E-series Performance Analyzer
Netapp Snapcenter
Netapp E-series Santricity Storage
Netapp Santricity Web Services Proxy
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp E-series Santricity Web Services
Netapp Ontap Tools
Netapp Cloud Manager
1 Github repository
4
CVSSv2
CVE-2021-28163
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m...
Eclipse Jetty 11.0.0
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.1
Eclipse Jetty 10.0.1
Eclipse Jetty
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Apache Solr 8.8.1
Apache Ignite
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Oracle Banking Digital Experience 20.1
5
CVSSv2
CVE-2021-28164
In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web....
Eclipse Jetty 9.4.37
Eclipse Jetty 9.4.38
Netapp Santricity Cloud Connector -
Netapp Snapcenter -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Web Services -
Netapp Virtual Storage Console
Netapp Storage Replication Adapter For Clustered Data Ontap
Netapp Vasa Provider For Clustered Data Ontap
Netapp Cloud Manager -
Netapp Snapcenter Plug-in -
Netapp E-series Santricity Os Controller
Netapp Element Plug-in For Vcenter Server -
Oracle Banking Digital Experience 20.1
Oracle Autovue For Agile Product Lifecycle Management 21.0.2
Oracle Siebel Core - Automation
Oracle Communications Session Route Manager
Oracle Banking Digital Experience 21.1
Oracle Banking Apis 20.1
Oracle Banking Apis 21.1
2 Github repositories
4.3
CVSSv2
CVE-2021-3449
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_ce...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Freebsd Freebsd 12.2
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Netapp Cloud Volumes Ontap Mediator -
Netapp E-series Performance Analyzer -
Tenable Tenable.sc
Tenable Nessus
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Fedoraproject Fedora 34
5 Github repositories
1 Article
5
CVSSv2
CVE-2021-21267
Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector). In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input (for example `a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0...
Schema-inspector Project Schema-inspector
Netapp Oncommand Insight -
Netapp E-series Performance Analyzer -
5
CVSSv2
CVE-2021-27358
The snapshot feature in Grafana 6.7.3 up to and including 7.4.1 can allow an unauthenticated remote malicious users to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
Grafana Grafana
Netapp E-series Performance Analyzer -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »