Vulnerabilities > Netapp > HCI Storage Node > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2020-8584 Unspecified vulnerability in Netapp products
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.
network
low complexity
netapp
critical
9.8
2020-10-22 CVE-2019-17006 Improper Input Validation vulnerability in multiple products
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks.
network
low complexity
siemens mozilla netapp CWE-20
critical
9.8
2019-11-07 CVE-2019-18805 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11.
network
low complexity
linux opensuse redhat netapp broadcom CWE-190
critical
9.8
2018-06-26 CVE-2017-7658 HTTP Request Smuggling vulnerability in multiple products
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second.
network
low complexity
eclipse debian oracle hp netapp CWE-444
critical
9.8
2017-05-23 CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
network
low complexity
zlib opensuse debian canonical oracle redhat apple netapp nodejs
critical
9.8