Vulnerabilities > Netapp > E Series Santricity OS Controller > 11.60.3

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-21349 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).
network
low complexity
oracle netapp debian
5.3
5.3
2022-01-19 CVE-2022-21360 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp debian
5.3
5.3
2022-01-19 CVE-2022-21365 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle debian netapp
5.3
5.3
2022-01-19 CVE-2022-21366 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp debian
5.3
5.3
2021-12-08 CVE-2021-43527 Out-of-bounds Write vulnerability in multiple products
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
network
low complexity
mozilla netapp oracle starwindsoftware CWE-787
critical
 9.8
9.8
2021-10-20 CVE-2021-35603 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian fedoraproject
3.7
3.7
2021-10-20 CVE-2021-35586 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp fedoraproject debian
5.3
5.3
2021-10-20 CVE-2021-35588 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).
network
high complexity
oracle netapp fedoraproject debian
3.1
3.1
2021-07-22 CVE-2021-35942 Integer Overflow or Wraparound vulnerability in multiple products
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information.
network
low complexity
gnu netapp debian CWE-190
critical
 9.1
9.1
2021-07-15 CVE-2021-34429 For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints.
network
low complexity
eclipse netapp oracle
5.3
5.3