threat
engine
.sh
Back
·
··:··
Home
/
Product
/
netapp management services for element software
Product
netapp management services for element software
27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2023-36054
all versions
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A rem
6.5
MEDIUM
CVE-2023-37920
all versions
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the id
7.5
HIGH
CVE-2023-24329
all versions
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL
7.5
HIGH
CVE-2022-23491
all versions
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the id
6.8
MEDIUM
CVE-2022-38023
all versions
Netlogon RPC Elevation of Privilege Vulnerability
8.1
HIGH
CVE-2022-37967
all versions
Windows Kerberos Elevation of Privilege Vulnerability
7.2
HIGH
CVE-2022-37966
all versions
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
8.1
HIGH
CVE-2022-45061
all versions
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs
7.5
HIGH
CVE-2022-36033
all versions
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrec
6.1
MEDIUM
CVE-2022-37434
all versions
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra fie
9.8
CRITICAL
CVE-2022-24736
all versions
Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a speciall
3.3
LOW
CVE-2022-24735
all versions
Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacke
3.9
LOW
CVE-2018-25032
all versions
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
HIGH
CVE-2021-3737
all versions
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who
7.5
HIGH
CVE-2022-0391
all versions
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) st
7.5
HIGH
CVE-2021-42340
all versions
The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71
7.5
HIGH
CVE-2021-3671
all versions
A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server -
6.5
MEDIUM
CVE-2021-32762
all versions
Redis is an open source, in-memory database that persists on disk. The redis-cli command line tool and redis-sentinel service may
7.5
HIGH
CVE-2021-32687
all versions
Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be
7.5
HIGH
CVE-2021-32675
all versions
Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol (RESP) request
7.5
HIGH
CVE-2021-32672
all versions
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed req
5.3
MEDIUM
CVE-2021-32628
all versions
Redis is an open source, in-memory database that persists on disk. An integer overflow bug in the ziplist data structure used by a
7.5
HIGH
CVE-2021-32627
all versions
Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be ex
7.5
HIGH
CVE-2021-32626
all versions
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in
7.5
HIGH
CVE-2021-28169
all versions
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded
5.3
MEDIUM
CVE-2021-22118
all versions
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a pr
7.8
HIGH
CVE-2020-27223
all versions
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multi
5.2
MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin