Vulnerabilities > Netapp > Solidfire > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-21341 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization).
network
low complexity
oracle netapp debian
5.3
5.3
2022-01-19 CVE-2022-21349 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).
network
low complexity
oracle netapp debian
5.3
5.3
2022-01-19 CVE-2022-21360 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp debian
5.3
5.3
2022-01-19 CVE-2022-21365 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle debian netapp
5.3
5.3
2022-01-19 CVE-2022-21366 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO).
network
low complexity
oracle netapp debian
5.3
5.3
2021-11-15 CVE-2021-42373 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
local
low complexity
busybox fedoraproject netapp CWE-476
5.5
5.5
2021-11-15 CVE-2021-42374 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed.
local
high complexity
busybox fedoraproject netapp CWE-125
5.3
5.3
2021-11-15 CVE-2021-42375 An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters.
local
low complexity
busybox fedoraproject netapp
5.5
5.5
2021-11-15 CVE-2021-42376 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character.
local
low complexity
busybox fedoraproject netapp CWE-476
5.5
5.5
2021-10-20 CVE-2021-35550 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp fedoraproject debian
5.9
5.9