Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp management services for element software and netapp hci - vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-32765
Hiredis is a minimalistic C client library for the Redis database. In affected versions Hiredis is vulnurable to integer overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk` protocol data. When parsing `multi-bulk` (array-like) replies, hiredis fails to check ...
Redis Hiredis
Debian Debian Linux 9.0
Netapp Management Services For Element Software And Netapp Hci -
1 Github repository
5.3
CVSSv3
CVE-2023-2975
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated...
Openssl Openssl
Netapp Management Services For Element Software And Netapp Hci -
Netapp Ontap Select Deploy Administration Utility -
7.5
CVSSv3
CVE-2021-41079
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a den...
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Management Services For Element Software And Netapp Hci -
9.8
CVSSv3
CVE-2021-26987
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions before 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Managemen...
Vmware Spring Boot
Netapp Element Plug-in For Vcenter Server
Netapp Management Services For Element Software And Netapp Hci
Netapp Solidfire & Hci Management Node
2.7
CVSSv3
CVE-2022-2047
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a Proxy scenar...
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Element Plug-in For Vcenter Server -
Netapp Management Services For Element Software And Netapp Hci -
Netapp Snapcenter -
Netapp Solidfire & Hci Storage Node -
Netapp Hci Compute Node -
7.5
CVSSv3
CVE-2022-2048
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no eno...
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Element Plug-in For Vcenter Server -
Netapp Management Services For Element Software And Netapp Hci -
Netapp Snapcenter -
Netapp Solidfire & Hci Storage Node -
Netapp Hci Compute Node -
Jenkins Jenkins
4.3
CVSSv3
CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
Vmware Spring Framework
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software And Netapp Hci -
Netapp Metrocluster Tiebreaker -
Netapp Snap Creator Framework -
Netapp Snapcenter -
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.15.0
1 Github repository
7.5
CVSSv3
CVE-2021-41099
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the underlying string library can be used to corrupt the heap and potentially result with denial of service or remote code execution. The vulnerability involves changing the default prot...
Redis Redis
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Management Services For Element Software And Netapp Hci -
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
7.5
CVSSv3
CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions before 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinit...
Jsoup Jsoup
Quarkus Quarkus
Oracle Banking Trade Finance 14.5
Oracle Banking Treasury Management 14.5
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Flexcube Universal Banking
Oracle Flexcube Universal Banking 14.5
Oracle Hospitality Token Proxy Service 19.2
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Unifier 20.12
6.5
CVSSv3
CVE-2021-3733
There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specia...
Python Python
Python Python 3.10.0
Redhat Codeready Linux Builder 8.0
Redhat Codeready Linux Builder For Ibm Z Systems 8.0
Redhat Codeready Linux Builder For Power Little Endian 8.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Power Little Endian Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-10401
validation
CVE-2025-0483
CVE-2024-10789
deserialization
CVE-2025-21333
wireless
CVE-2024-13387
CVE-2025-21334
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »