Vulnerabilities > Netapp > E Series Santricity OS Controller > 11.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-18	CVE-2023-26049	Jetty is a java based web server and servlet engine. network low complexity eclipse debian netapp	5.3
2022-07-27	CVE-2022-36879	An issue was discovered in the Linux kernel through 5.18.14. local low complexity linux debian netapp	5.5
2022-05-25	CVE-2022-1678	An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. network low complexity linux netapp	7.5
2022-03-02	CVE-2021-3772	A flaw was found in the Linux SCTP stack. network high complexity linux redhat debian oracle netapp	6.5
2022-02-26	CVE-2020-36516	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products An issue was discovered in the Linux kernel through 5.16.11. network high complexity linux netapp CWE-327	5.9
2022-02-18	CVE-2021-20322	Use of Insufficiently Random Values vulnerability in multiple products A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. network high complexity linux fedoraproject debian netapp oracle CWE-330	7.4
2021-12-08	CVE-2021-43527	Out-of-bounds Write vulnerability in multiple products NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. network low complexity mozilla netapp oracle starwindsoftware CWE-787 critical	9.8
2021-08-24	CVE-2021-3711	Classic Buffer Overflow vulnerability in multiple products In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). network low complexity openssl debian netapp oracle tenable CWE-120 critical	9.8
2021-08-24	CVE-2021-3712	Out-of-bounds Read vulnerability in multiple products ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. network high complexity openssl debian netapp mcafee tenable oracle siemens CWE-125	7.4
2021-07-22	CVE-2021-35942	Integer Overflow or Wraparound vulnerability in multiple products The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. network low complexity gnu netapp debian CWE-190 critical	9.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.