Vulnerabilities > Netapp > E Series Santricity OS Controller > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-04-03 CVE-2024-26733 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get().
local
low complexity
linux debian netapp CWE-787
5.5
5.5
2024-04-03 CVE-2024-26735 Use After Free vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family.
local
low complexity
linux debian netapp CWE-416
5.5
5.5
2023-04-18 CVE-2023-26049 Jetty is a java based web server and servlet engine.
network
low complexity
eclipse debian netapp
5.3
5.3
2022-07-27 CVE-2022-36879 An issue was discovered in the Linux kernel through 5.18.14.
local
low complexity
linux debian netapp
5.5
5.5
2022-06-02 CVE-2022-23236 Cleartext Storage of Sensitive Information vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users.
local
low complexity
netapp CWE-312
4.4
4.4
2022-06-02 CVE-2022-23237 Open Redirect vulnerability in Netapp E-Series Santricity OS Controller
E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites.
network
low complexity
netapp CWE-601
6.1
6.1
2022-04-19 CVE-2022-21496 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI).
network
low complexity
oracle netapp debian azul
5.3
5.3
2022-03-25 CVE-2021-4203 A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle
6.8
6.8
2022-03-02 CVE-2021-3772 A flaw was found in the Linux SCTP stack.
network
high complexity
linux redhat debian oracle netapp
6.5
6.5
2022-02-26 CVE-2020-36516 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.16.11.
network
high complexity
linux netapp CWE-327
5.9
5.9