Vulnerabilities > Netapp > E Series Santricity OS Controller > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-12-08 CVE-2021-43527 Out-of-bounds Write vulnerability in multiple products
NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
network
low complexity
mozilla netapp oracle starwindsoftware CWE-787
critical
 9.8
9.8
2021-08-24 CVE-2021-3711 Classic Buffer Overflow vulnerability in multiple products
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt().
network
low complexity
openssl debian netapp oracle tenable CWE-120
critical
 9.8
9.8
2021-07-22 CVE-2021-35942 Integer Overflow or Wraparound vulnerability in multiple products
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information.
network
low complexity
gnu netapp debian CWE-190
critical
 9.1
9.1
2021-05-25 CVE-2021-33574 Use After Free vulnerability in multiple products
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.
network
low complexity
gnu fedoraproject netapp debian CWE-416
critical
 9.8
9.8
2019-11-07 CVE-2019-18805 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11.
network
low complexity
linux opensuse redhat netapp broadcom CWE-190
critical
 9.8
9.8
2019-08-09 CVE-2019-12260 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4).
network
low complexity
windriver sonicwall siemens netapp oracle belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12261 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4).
network
low complexity
windriver sonicwall siemens netapp oracle belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12255 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4).
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-08-09 CVE-2019-12256 Classic Buffer Overflow vulnerability in multiple products
Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component.
network
low complexity
windriver netapp sonicwall siemens belden CWE-120
critical
 9.8
9.8
2019-04-10 CVE-2019-11068 libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code.
network
low complexity
xmlsoft canonical debian fedoraproject oracle netapp opensuse
critical
 9.8
9.8