E-series Performance Analyzer Security Vulnerabilities and Issues — Page 2 of E-series Performance Analyzer CVE List

Lucene search

NetappE-series Performance Analyzer

61 matches found

CVE•added 2022/12/07 10:15 p.m.•248 views

CVE-2022-23491

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust sto...

7.5CVSS7AI score0.00041EPSS

CVE•added 2021/05/28 6:15 p.m.•203 views

CVE-2021-33623

The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service (ReDoS) for the .end() method.

7.5CVSS7.4AI score0.01299EPSS

CVE•added 2020/07/27 1:15 p.m.•198 views

CVE-2020-11110

Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

5.4CVSS5.4AI score0.67637EPSS

CVE•added 2022/07/15 12:15 p.m.•173 views

CVE-2022-31097

Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privile...

8.7CVSS7.5AI score0.50566EPSS

CVE•added 2021/05/04 9:15 a.m.•166 views

CVE-2021-23383

The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.

9.8CVSS7.2AI score0.05294EPSS

CVE•added 2021/05/28 8:15 p.m.•143 views

CVE-2021-33587

The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.

7.5CVSS7.3AI score0.00256EPSS

CVE•added 2021/05/25 7:15 p.m.•140 views

CVE-2021-32640

ws is an open source WebSocket client and server library for Node.js. A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server. The vulnerability has been fixed in [email protected] (https://github.com/websockets/ws/commit/00c425ec77993773d823f018f64a...

5.3CVSS5.4AI score0.00473EPSS

CVE•added 2020/01/15 5:15 p.m.•126 views

CVE-2020-2585

Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulne...

5.9CVSS5.6AI score0.01472EPSS

CVE•added 2020/07/15 6:15 p.m.•97 views

CVE-2020-14664

Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human...

8.3CVSS8.1AI score0.01002EPSS

CVE•added 2021/03/19 9:15 p.m.•86 views

CVE-2021-21267

Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector). In before version 2.0.0, email address validation is vulnerable to a denial-of-service attack where some input (for example a@0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0...

7.5CVSS7.5AI score0.00866EPSS

CVE•added 2021/06/02 3:15 p.m.•69 views

CVE-2021-26707

The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library.

9.8CVSS9.3AI score0.0077EPSS

Total number of security vulnerabilities61