Netapp

E-series Santricity Os Controller

232 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-28165

Exploit
  • EPSS 13.15%
  • Veröffentlicht 01.04.2021 15:15:14
  • Zuletzt bearbeitet 27.08.2025 21:15:37

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

5.3

CVE-2020-27223

  • EPSS 33.82%
  • Veröffentlicht 26.02.2021 22:15:19
  • Zuletzt bearbeitet 20.08.2025 10:15:27

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) ...

6.5

CVE-2021-21285

  • EPSS 0.12%
  • Veröffentlicht 02.02.2021 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:47:56

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

6.8

CVE-2021-21284

  • EPSS 0.02%
  • Veröffentlicht 02.02.2021 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:47:55

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace...

7.5

CVE-2021-3326

  • EPSS 0.23%
  • Veröffentlicht 27.01.2021 20:15:14
  • Zuletzt bearbeitet 09.06.2025 16:15:32

The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of ser...

5.9

CVE-2020-1971

  • EPSS 0.34%
  • Veröffentlicht 08.12.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:45

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...

4.8

CVE-2020-29562

Exploit
  • EPSS 0.05%
  • Veröffentlicht 04.12.2020 07:15:11
  • Zuletzt bearbeitet 09.06.2025 16:15:32

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

5.9

CVE-2020-8577

  • EPSS 0.32%
  • Veröffentlicht 06.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:03

SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.

7.5

CVE-2020-8580

  • EPSS 0.55%
  • Veröffentlicht 06.11.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:39:04

SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS).

5

CVE-2020-14803

  • EPSS 0.04%
  • Veröffentlicht 21.10.2020 15:15:20
  • Zuletzt bearbeitet 27.05.2025 16:40:04

Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol...