Netapp Management_services_for_element_software
27 CVEs affecting Netapp Management_services_for_element_software. Latest disclosed: 2023-08-07. Critical: 1, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-37434 | Critical | 9.8 | 2022-08-05 | zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications t… |
CVE-2022-38023 | High | 8.1 | 2022-11-09 | Netlogon RPC Elevation of Privilege Vulnerability |
CVE-2022-37966 | High | 8.1 | 2022-11-09 | Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability |
CVE-2021-22118 | High | 7.8 | 2021-05-27 | In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)cr… |
CVE-2023-37920 | High | 7.5 | 2023-07-25 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi… |
CVE-2023-24329 | High | 7.5 | 2023-02-17 | An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank charac… |
CVE-2022-45061 | High | 7.5 | 2022-11-09 | An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decod… |
CVE-2018-25032 | High | 7.5 | 2022-03-25 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. |
CVE-2021-3737 | High | 7.5 | 2022-03-04 | A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to… |
CVE-2022-0391 | High | 7.5 | 2022-02-09 | A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The is… |
CVE-2021-42340 | High | 7.5 | 2021-10-14 | The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. Th… |
CVE-2021-32762 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be vulnerable to integer over… |
CVE-2021-32687 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap… |
CVE-2021-32675 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis allocates memory acco… |
CVE-2021-32628 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all versions of Redis can be e… |
CVE-2021-32627 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap a… |
CVE-2021-32626 | High | 7.5 | 2021-10-04 | Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-bas… |
CVE-2022-37967 | High | 7.2 | 2022-11-09 | Windows Kerberos Elevation of Privilege Vulnerability |
CVE-2022-23491 | Medium | 6.8 | 2022-12-07 | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi… |
CVE-2023-36054 | Medium | 6.5 | 2023-08-07 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can tr… |