Netapp

Management Services For Netapp Hci

17 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-37920

  • EPSS 0.11%
  • Published 25.07.2023 21:15:10
  • Last modified 13.02.2025 13:50:15

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certific...

7.5

CVE-2023-24329

Exploit
  • EPSS 1.22%
  • Published 17.02.2023 15:15:12
  • Last modified 18.03.2025 17:15:41

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

7.5

CVE-2022-23491

  • EPSS 0.04%
  • Published 07.12.2022 22:15:09
  • Last modified 12.02.2025 17:36:19

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the ...

8.1

CVE-2022-38023

  • EPSS 0.31%
  • Published 09.11.2022 22:15:16
  • Last modified 02.01.2025 22:15:15

Netlogon RPC Elevation of Privilege Vulnerability

7.2

CVE-2022-37967

  • EPSS 2.35%
  • Published 09.11.2022 22:15:14
  • Last modified 02.01.2025 22:15:10

Windows Kerberos Elevation of Privilege Vulnerability

8.1

CVE-2022-37966

  • EPSS 1.08%
  • Published 09.11.2022 22:15:13
  • Last modified 02.01.2025 22:15:09

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability

6.1

CVE-2022-36033

Exploit
  • EPSS 0.96%
  • Published 29.08.2022 17:15:08
  • Last modified 21.11.2024 07:12:13

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clic...

7.8

CVE-2022-24735

Exploit
  • EPSS 1.95%
  • Published 27.04.2022 20:15:09
  • Last modified 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially highe...

5.5

CVE-2022-24736

Exploit
  • EPSS 0.34%
  • Published 27.04.2022 20:15:09
  • Last modified 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The ...

6.5

CVE-2021-3671

  • EPSS 1.14%
  • Published 12.10.2021 18:15:08
  • Last modified 21.11.2024 06:22:07

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.