Vulnerabilities > Netapp > Management Services FOR Element Software

DATE CVE VULNERABILITY TITLE RISK
2023-08-07 CVE-2023-36054 Access of Uninitialized Pointer vulnerability in multiple products
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer.
network
low complexity
mit debian netapp CWE-824
6.5
6.5
2023-07-25 CVE-2023-37920 Insufficient Verification of Data Authenticity vulnerability in multiple products
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
network
low complexity
certifi fedoraproject netapp CWE-345
critical
 9.8
9.8
2023-02-17 CVE-2023-24329 Improper Input Validation vulnerability in multiple products
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
network
low complexity
python fedoraproject netapp CWE-20
7.5
7.5
2022-12-07 CVE-2022-23491 Insufficient Verification of Data Authenticity vulnerability in multiple products
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
network
low complexity
certifi netapp CWE-345
7.5
7.5
2022-11-09 CVE-2022-45061 Algorithmic Complexity vulnerability in multiple products
An issue was discovered in Python before 3.11.1.
network
low complexity
python fedoraproject netapp CWE-407
7.5
7.5
2022-08-29 CVE-2022-36033 Cross-site Scripting vulnerability in multiple products
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety.
network
low complexity
jsoup netapp CWE-79
6.1
6.1
2022-08-05 CVE-2022-37434 Out-of-bounds Write vulnerability in multiple products
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field.
network
low complexity
zlib fedoraproject debian netapp apple stormshield CWE-787
critical
 9.8
9.8
2022-04-27 CVE-2022-24735 Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle
7.8
7.8
2022-04-27 CVE-2022-24736 Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle
5.5
5.5
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. 		7.5
7.5