Every CVE whose affected-product data names Netapp Hci, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (16)
CVE-2022-37434 — CVSS 9.8 (critical): zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE…
CVE-2023-32250 — CVSS 9.0 (critical): A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of…
CVE-2021-22118 — CVSS 7.8 (high): In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege…
CVE-2019-14815 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
CVE-2022-0391 — CVSS 7.5 (high): A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings…
CVE-2018-7185 — CVSS 7.5 (high): The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending…
CVE-2020-8583 — CVSS 7.5 (high): Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to…
CVE-2021-3737 — CVSS 7.5 (high): A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls…
CVE-2021-42340 — CVSS 7.5 (high): The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71…
CVE-2022-45061 — CVSS 7.5 (high): An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the…
CVE-2020-8582 — CVSS 6.5 (medium): Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an…
CVE-2023-36054 — CVSS 6.5 (medium): lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2021-28169 — CVSS 5.3 (medium): For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to…
CVE-2018-7170 — CVSS 5.3 (medium): ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create…
CVE-2020-27223 — CVSS 5.2 (medium): In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple…