Netapp

Management Services For Netapp Hci

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-37920

  • EPSS 0.11%
  • Veröffentlicht 25.07.2023 21:15:10
  • Zuletzt bearbeitet 13.02.2025 13:50:15

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certific...

7.5

CVE-2023-24329

Exploit
  • EPSS 1.22%
  • Veröffentlicht 17.02.2023 15:15:12
  • Zuletzt bearbeitet 18.03.2025 17:15:41

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

7.5

CVE-2022-23491

  • EPSS 0.04%
  • Veröffentlicht 07.12.2022 22:15:09
  • Zuletzt bearbeitet 12.02.2025 17:36:19

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the ...

8.1

CVE-2022-38023

  • EPSS 0.31%
  • Veröffentlicht 09.11.2022 22:15:16
  • Zuletzt bearbeitet 02.01.2025 22:15:15

Netlogon RPC Elevation of Privilege Vulnerability

7.2

CVE-2022-37967

  • EPSS 2.35%
  • Veröffentlicht 09.11.2022 22:15:14
  • Zuletzt bearbeitet 02.01.2025 22:15:10

Windows Kerberos Elevation of Privilege Vulnerability

8.1

CVE-2022-37966

  • EPSS 1.08%
  • Veröffentlicht 09.11.2022 22:15:13
  • Zuletzt bearbeitet 02.01.2025 22:15:09

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability

6.1

CVE-2022-36033

Exploit
  • EPSS 0.96%
  • Veröffentlicht 29.08.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 07:12:13

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clic...

7.8

CVE-2022-24735

Exploit
  • EPSS 1.95%
  • Veröffentlicht 27.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially highe...

5.5

CVE-2022-24736

Exploit
  • EPSS 0.34%
  • Veröffentlicht 27.04.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 06:50:58

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The ...

6.5

CVE-2021-3671

  • EPSS 1.14%
  • Veröffentlicht 12.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:07

A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). An authenticated user could use this flaw to crash the samba server.