Vulnerabilities > Netapp > Element Software > Low

DATE CVE VULNERABILITY TITLE RISK
2022-09-23 CVE-2022-35252 When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses.
network
high complexity
haxx netapp apple debian splunk
3.7
2022-04-19 CVE-2022-21443 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
high complexity
oracle netapp debian azul
3.7
2021-08-08 CVE-2021-38203 Improper Locking vulnerability in multiple products
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
local
low complexity
linux netapp CWE-667
2.1
2021-08-08 CVE-2021-38199 fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
low complexity
linux netapp debian
3.3
2019-07-26 CVE-2018-20855 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
An issue was discovered in the Linux kernel before 4.18.7.
local
low complexity
linux opensuse netapp CWE-119
2.1
2019-01-16 CVE-2017-3138 Reachable Assertion vulnerability in multiple products
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc.
3.5
2019-01-11 CVE-2018-16866 Out-of-bounds Read vulnerability in multiple products
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'.
3.3
2018-03-06 CVE-2018-7170 Unspecified vulnerability in NTP
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack.
3.5
2017-10-19 CVE-2017-10345 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
network
high complexity
oracle debian redhat netapp
2.6
2017-08-08 CVE-2017-10193 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
network
high complexity
oracle debian netapp redhat
3.1