Netapp Hci
16 CVEs affecting Netapp Hci. Latest disclosed: 2023-08-07. Critical: 2, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-37434 | Critical | 9.8 | 2022-08-05 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications t… |
CVE-2023-32250 | Critical | 9.0 | 2023-07-10 | A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP com… |
CVE-2021-22118 | High | 7.8 | 2021-05-27 | In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)cr… |
CVE-2019-14815 | High | 7.8 | 2019-11-25 | A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. |
CVE-2022-45061 | High | 7.5 | 2022-11-09 | An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decod… |
CVE-2021-3737 | High | 7.5 | 2022-03-04 | A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to… |
CVE-2022-0391 | High | 7.5 | 2022-02-09 | A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The is… |
CVE-2021-42340 | High | 7.5 | 2021-10-14 | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. Th… |
CVE-2020-8583 | High | 7.5 | 2020-11-13 | Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive… |
CVE-2018-7185 | High | 7.5 | 2018-03-06 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zer… |
CVE-2023-36054 | Medium | 6.5 | 2023-08-07 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can tr… |
CVE-2020-8582 | Medium | 6.5 | 2020-11-13 | Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sens… |
CVE-2017-5753 | Medium | 5.6 | 2018-01-04 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local u… |
CVE-2021-28169 | Medium | 5.3 | 2021-06-09 | For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected res… |
CVE-2018-7170 | Medium | 5.3 | 2018-03-06 | ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral as… |
CVE-2020-27223 | Medium | 5.2 | 2021-02-26 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a lar… |