Vulnerabilities > Netapp > E Series Performance Analyzer > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-19 CVE-2021-21267 Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector).
network
low complexity
schema-inspector-project netapp
7.5
2021-03-18 CVE-2021-27358 The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
network
low complexity
grafana netapp
7.5
2021-03-03 CVE-2021-22884 Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”.
network
high complexity
nodejs fedoraproject netapp oracle siemens
7.5
2021-03-03 CVE-2021-22883 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established.
network
low complexity
nodejs fedoraproject netapp oracle siemens CWE-772
7.5
2021-02-15 CVE-2021-27219 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2021-02-15 CVE-2021-27218 Incorrect Conversion between Numeric Types vulnerability in multiple products
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4.
network
low complexity
gnome fedoraproject debian netapp broadcom CWE-681
7.5
2020-06-03 CVE-2020-13379 Server-Side Request Forgery (SSRF) vulnerability in multiple products
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue.
network
low complexity
grafana fedoraproject netapp opensuse CWE-918
8.2
2020-04-21 CVE-2020-1967 NULL Pointer Dereference vulnerability in multiple products
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension.
7.5
2020-04-15 CVE-2020-2816 Vulnerability in the Java SE product of Oracle Java SE (component: JSSE).
network
low complexity
oracle netapp canonical debian opensuse
7.5
2020-04-15 CVE-2020-2805 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). 8.3