Netapp Management Services For Element Software

12 matches found

added 2022/03/25 9:15 a.m. | 3104 views

CVE-2018-25032

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

7.5 CVSS | 8.1 AI score | 0.00089 EPSS

added 2022/08/05 7:15 a.m. | 1062 views

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHe...

9.8 CVSS | 9.9 AI score | 0.92678 EPSS

added 2022/03/04 7:15 p.m. | 955 views

CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

7.5 CVSS | 7.6 AI score | 0.00138 EPSS

added 2022/02/09 11:15 p.m. | 771 views

CVE-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an a...

7.5 CVSS | 7.4 AI score | 0.00816 EPSS

added 2022/11/09 10:15 p.m. | 754 views

CVE-2022-38023

Netlogon RPC Elevation of Privilege Vulnerability

8.1 CVSS | 8.3 AI score | 0.00295 EPSS

added 2022/11/09 10:15 p.m. | 502 views

CVE-2022-37967

Windows Kerberos Elevation of Privilege Vulnerability

7.2 CVSS | 7.9 AI score | 0.02202 EPSS

added 2022/11/09 7:15 a.m. | 483 views

CVE-2022-45061

An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often su...

7.5 CVSS | 7.7 AI score | 0.00084 EPSS

added 2022/08/29 5:15 p.m. | 465 views

CVE-2022-36033

jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default SafeList.preserveR...

6.1 CVSS | 6.2 AI score | 0.00827 EPSS

added 2022/11/09 10:15 p.m. | 414 views

CVE-2022-37966

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability

8.1 CVSS | 8.5 AI score | 0.00747 EPSS

added 2022/12/07 10:15 p.m. | 261 views

CVE-2022-23491

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust sto...

7.5 CVSS | 7 AI score | 0.00041 EPSS

added 2022/04/27 8:15 p.m. | 223 views

CVE-2022-24735

Redis is an in-memory database that persists on disk. By exploiting weaknesses in the Lua script execution environment, an attacker with access to Redis prior to version 7.0.0 or 6.2.7 can inject Lua code that will execute with the (potentially higher) privileges of another Redis user. The Lua scri...

7.8 CVSS | 6.4 AI score | 0.01946 EPSS

added 2022/04/27 8:15 p.m. | 183 views

CVE-2022-24736

Redis is an in-memory database that persists on disk. Prior to versions 6.2.7 and 7.0.0, an attacker attempting to load a specially crafted Lua script can cause NULL pointer dereference which will result with a crash of the redis-server process. The problem is fixed in Redis versions 7.0.0 and 6.2....

5.5 CVSS | 5.4 AI score | 0.00354 EPSS