Vulnerabilities > Netapp > Element Software > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-45061 Algorithmic Complexity vulnerability in multiple products
An issue was discovered in Python before 3.11.1.
network
low complexity
python fedoraproject netapp CWE-407
7.5
2022-05-25 CVE-2022-1678 An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
network
low complexity
linux netapp
7.5
2022-04-19 CVE-2022-21476 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle netapp debian azul
7.5
2021-08-08 CVE-2021-38201 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.
network
low complexity
linux netapp CWE-119
7.5
2021-08-07 CVE-2021-38160 Classic Buffer Overflow vulnerability in multiple products
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size.
local
low complexity
linux netapp debian redhat CWE-120
7.8
2020-11-28 CVE-2020-29368 Race Condition vulnerability in multiple products
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5.
local
high complexity
linux netapp CWE-362
7.0
2020-04-29 CVE-2020-11884 Race Condition vulnerability in multiple products
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171.
7.0
2019-11-04 CVE-2019-18683 Use After Free vulnerability in multiple products
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8.
7.0
2019-10-21 CVE-2019-17498 Integer Overflow or Wraparound vulnerability in multiple products
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read.
8.1
2019-02-24 CVE-2019-9077 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical f5 CWE-787
7.8