Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Clustered Data Ontap Antivirus Connector Security Vulnerabilities - 2021

cve
cve

CVE-2021-3516

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

7.8CVSS

7.9AI Score

0.002EPSS

2021-06-01 02:15 PM
282
13
cve
cve

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this fla...

8.6CVSS

8.4AI Score

0.017EPSS

2021-05-19 02:15 PM
436
11
cve
cve

CVE-2021-3518

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

8.8CVSS

8.4AI Score

0.004EPSS

2021-05-18 12:15 PM
334
16
cve
cve

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS

7AI Score

0.014EPSS

2021-05-14 08:15 PM
384
In Wild
11
cve
cve

CVE-2021-3541

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

6.5CVSS

7AI Score

0.001EPSS

2021-07-09 05:15 PM
349
7
cve
cve

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size req...

9.8CVSS

9.7AI Score

0.068EPSS

2021-08-24 03:15 PM
523
28
cve
cve

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byt...

7.4CVSS

7.8AI Score

0.005EPSS

2021-08-24 03:15 PM
529
27