Netapp Management Services For Element Software — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Management Services For Element Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2022-37434 — CVSS 9.8 (critical): zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE…
CVE-2021-22118 — CVSS 7.8 (high): In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege…
CVE-2021-32675 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request, Redis…
CVE-2021-32687 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited…
CVE-2021-32762 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may be…
CVE-2023-37920 — CVSS 7.5 (high): Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of…
CVE-2021-32626 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis…
CVE-2021-32627 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited…
CVE-2021-32628 — CVSS 7.5 (high): Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by all…
CVE-2021-3737 — CVSS 7.5 (high): A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls…
CVE-2021-42340 — CVSS 7.5 (high): The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71…
CVE-2022-0391 — CVSS 7.5 (high): A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings…
CVE-2022-45061 — CVSS 7.5 (high): An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the…
CVE-2023-24329 — CVSS 7.5 (high): An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that…
CVE-2018-25032 — CVSS 7.5 (high): zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2022-23491 — CVSS 6.8 (medium): Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of…
CVE-2023-36054 — CVSS 6.5 (medium): lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote…
CVE-2021-3671 — CVSS 6.5 (medium): A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request)…
CVE-2022-36033 — CVSS 6.1 (medium): jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly…
CVE-2021-32672 — CVSS 5.3 (medium): Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests…
CVE-2021-28169 — CVSS 5.3 (medium): For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to…
CVE-2020-27223 — CVSS 5.2 (medium): In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple…
CVE-2022-24735 — CVSS 3.9 (low): Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with…
CVE-2022-24736 — CVSS 3.3 (low): Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted…