Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp element software management - vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-28169
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the we...
Eclipse Jetty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Rest Data Services
Oracle Communications Cloud Native Core Policy 1.14.0
Netapp Snap Creator Framework -
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
2 Github repositories
5.3
CVSSv3
CVE-2020-27223
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high ...
Eclipse Jetty 9.4.6
Eclipse Jetty 9.4.36
Eclipse Jetty
Eclipse Jetty 10.0.0
Eclipse Jetty 11.0.0
Apache Spark 3.1.1
Apache Nifi 1.13.0
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Snapmanager -
Netapp Hci -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp E-series Santricity Web Services -
Netapp Element Plug-in For Vcenter Server -
Netapp E-series Santricity Os Controller
Netapp Management Services For Element Software -
Debian Debian Linux 10.0
Apache Solr 8.8.1
Oracle Rest Data Services
2 Github repositories
5.3
CVSSv3
CVE-2020-12888
The VFIO PCI driver in the Linux kernel up to and including 5.6.13 mishandles attempts to access disabled memory space.
Linux Linux Kernel
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Element Software -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Bootstrap Os -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
5.3
CVSSv3
CVE-2017-10349
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc...
Oracle Jdk 1.9.0
Oracle Jre 1.9.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 5.8
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
4.7
CVSSv3
CVE-2021-3753
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidenti...
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Netapp Element Software -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
4.6
CVSSv3
CVE-2018-19985
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel up to and including 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the ke...
Linux Linux Kernel
Debian Debian Linux 8.0
Netapp Element Software Management Node -
Netapp Active Iq Performance Analytics Services -
4.3
CVSSv3
CVE-2022-32205
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requ...
Haxx Curl
Fedoraproject Fedora 35
Debian Debian Linux 11.0
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Siemens Scalance Sc622-2c Firmware
Siemens Scalance Sc626-2c Firmware
Siemens Scalance Sc632-2c Firmware
Siemens Scalance Sc636-2c Firmware
Siemens Scalance Sc642-2c Firmware
Siemens Scalance Sc646-2c Firmware
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
4.3
CVSSv3
CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
Vmware Spring Framework
Netapp Snap Creator Framework -
Netapp Snapcenter -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software And Netapp Hci -
Netapp Metrocluster Tiebreaker -
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
2 Github repositories
4.3
CVSSv3
CVE-2021-32672
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debuggi...
Redis Redis
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
3.7
CVSSv3
CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
Haxx Curl
Netapp Element Software -
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Apple Macos
Debian Debian Linux 10.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »