Vulnerabilities > Netapp > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-11 | CVE-2021-22897 | Exposure of Resource to Wrong Sphere vulnerability in multiple products curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. | 5.3 |
2021-06-11 | CVE-2021-26993 | Unspecified vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server. | 5.3 |
2021-06-11 | CVE-2021-26997 | Information Exposure Through an Error Message vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover information via error messaging which may aid in crafting more complex attacks. | 6.5 |
2021-06-10 | CVE-2021-20293 | Cross-site Scripting vulnerability in multiple products A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. | 6.1 |
2021-06-10 | CVE-2020-13938 | Missing Authorization vulnerability in multiple products Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows | 5.5 |
2021-06-09 | CVE-2020-12357 | Improper Initialization vulnerability in multiple products Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
2021-06-09 | CVE-2020-12358 | Out-of-bounds Write vulnerability in multiple products Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
2021-06-09 | CVE-2020-12359 | Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | 6.8 |
2021-06-09 | CVE-2020-24486 | Improper Input Validation vulnerability in multiple products Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
2021-06-09 | CVE-2020-24511 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |