Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
NetappE-series Santricity Os Controller

32 matches found

CVE
CVEadded 2021/08/24 3:15 p.m.630 views

CVE-2021-3711

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size req...

9.8CVSS9.9AI score0.02876EPSS
CVE
CVEadded 2021/12/08 10:15 p.m.619 views

CVE-2021-43527

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using N...

9.8CVSS9.6AI score0.05243EPSS
CVE
CVEadded 2017/05/23 4:29 a.m.509 views

CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

9.8CVSS9.9AI score0.20848EPSS
CVE
CVEadded 2018/12/07 9:29 p.m.499 views

CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

9.8CVSS9.6AI score0.12153EPSS
CVE
CVEadded 2019/04/10 8:29 p.m.473 views

CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

9.8CVSS9.4AI score0.01109EPSS
CVE
CVEadded 2021/07/22 6:15 p.m.364 views

CVE-2021-35942

The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but ...

9.1CVSS9.4AI score0.01204EPSS
CVE
CVEadded 2021/05/25 10:15 p.m.314 views

CVE-2021-33574

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possi...

9.8CVSS8.7AI score0.00129EPSS
CVE
CVEadded 2019/08/09 8:15 p.m.273 views

CVE-2019-12255

Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.

9.8CVSS9.3AI score0.82379EPSS
CVE
CVEadded 2018/06/26 4:29 p.m.269 views

CVE-2017-7657

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as...

9.8CVSS9.1AI score0.0484EPSS
CVE
CVEadded 2019/08/09 9:15 p.m.252 views

CVE-2019-12261

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host.

9.8CVSS9.2AI score0.17176EPSS
CVE
CVEadded 2018/07/18 1:29 p.m.244 views

CVE-2018-2938

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java DB). Supported versions that are affected are Java SE: 6u191, 7u181 and 8u172. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. While the ...

9CVSS6.8AI score0.00715EPSS
CVE
CVEadded 2018/12/07 9:29 p.m.237 views

CVE-2018-18313

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

9.1CVSS8.9AI score0.03978EPSS
CVE
CVEadded 2018/01/10 6:29 p.m.232 views

CVE-2017-17485

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassin...

9.8CVSS9.5AI score0.77336EPSS
CVE
CVEadded 2019/11/07 2:15 p.m.214 views

CVE-2019-18805

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unsp...

9.8CVSS9.1AI score0.00567EPSS
CVE
CVEadded 2019/08/09 9:15 p.m.207 views

CVE-2019-12260

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option.

9.8CVSS9.3AI score0.26195EPSS
CVE
CVEadded 2018/12/05 10:29 p.m.201 views

CVE-2018-18312

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

9.8CVSS9.4AI score0.10307EPSS
CVE
CVEadded 2018/12/07 9:29 p.m.196 views

CVE-2018-18314

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

9.8CVSS9.4AI score0.07241EPSS
CVE
CVEadded 2018/06/26 5:29 p.m.187 views

CVE-2017-7658

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ...

9.8CVSS9.2AI score0.10686EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.182 views

CVE-2017-10087

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple ...

9.6CVSS9AI score0.00416EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.177 views

CVE-2017-10090

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoco...

9.6CVSS9AI score0.00416EPSS
CVE
CVEadded 2017/10/19 5:29 p.m.172 views

CVE-2017-10346

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS9.1AI score0.00416EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.171 views

CVE-2017-10107

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoc...

9.6CVSS9AI score0.00416EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.169 views

CVE-2017-10102

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot...

9CVSS8.7AI score0.00525EPSS
CVE
CVEadded 2017/10/19 5:29 p.m.165 views

CVE-2017-10285

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro...

9.6CVSS9AI score0.00393EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.163 views

CVE-2017-10096

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9.1AI score0.00416EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.163 views

CVE-2017-10110

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attac...

9.6CVSS9.1AI score0.00365EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.162 views

CVE-2017-10089

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful a...

9.6CVSS9.1AI score0.00416EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.162 views

CVE-2017-10101

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple proto...

9.6CVSS9AI score0.00365EPSS
CVE
CVEadded 2019/08/09 6:15 p.m.134 views

CVE-2019-12256

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options.

9.8CVSS9.5AI score0.17708EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.117 views

CVE-2017-10111

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to com...

9.6CVSS9AI score0.0126EPSS
CVE
CVEadded 2017/08/08 3:29 p.m.104 views

CVE-2017-10086

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u141 and 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks r...

9.6CVSS9AI score0.0126EPSS
CVE
CVEadded 2018/10/04 1:29 p.m.59 views

CVE-2018-5492

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution.

9.8CVSS9.8AI score0.02126EPSS