Netapp E-Series Santricity Os Controller vulnerabilities
240 known vulnerabilities affecting netapp/e-series_santricity_os_controller.
Total CVEs
240
CISA KEV
1
actively exploited
Public exploits
9
Exploited in wild
2
Severity breakdown
CRITICAL31HIGH57MEDIUM107LOW45
Vulnerabilities
Page 2 of 12
CVE-2018-25032HIGHCVSS 7.5≥ 11.0.0, ≤ 11.70.22022-03-25
CVE-2018-25032 [HIGH] CWE-787 CVE-2018-25032: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
nvd
CVE-2021-4203MEDIUMCVSS 6.8≥ 11.0.0, ≤ 11.70.22022-03-25
CVE-2021-4203 [MEDIUM] CWE-362 CVE-2021-4203: A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.
nvd
CVE-2021-3772MEDIUMCVSS 6.5v11.0v11.0.0+15 more2022-03-02
CVE-2021-3772 [MEDIUM] CWE-354 CVE-2021-3772: A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP asso
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses.
nvd
CVE-2020-36516MEDIUMCVSS 5.9≥ 11.02022-02-26
CVE-2020-36516 [MEDIUM] CWE-327 CVE-2020-36516: An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with t
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
nvd
CVE-2021-20322HIGHCVSS 7.4≥ 11.0, ≤ 11.70.12022-02-18
CVE-2021-20322 [HIGH] CWE-330 CVE-2021-20322: A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Lin
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and
nvd
CVE-2022-21283MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21283 [MEDIUM] CVE-2022-21283: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to
nvd
CVE-2022-21365MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21365 [MEDIUM] CVE-2022-21365: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21282MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21282 [MEDIUM] CVE-2022-21282: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro
nvd
CVE-2022-21305MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21305 [MEDIUM] CVE-2022-21305: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21340MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21340 [MEDIUM] CVE-2022-21340: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl
nvd
CVE-2022-21291MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21291 [MEDIUM] CVE-2022-21291: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21296MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21296 [MEDIUM] CVE-2022-21296: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro
nvd
CVE-2022-21293MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21293 [MEDIUM] CVE-2022-21293: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl
nvd
CVE-2022-21366MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21366 [MEDIUM] CVE-2022-21366: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to c
nvd
CVE-2022-21360MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21360 [MEDIUM] CVE-2022-21360: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21299MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21299 [MEDIUM] CVE-2022-21299: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro
nvd
CVE-2022-21349MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21349 [MEDIUM] CVE-2022-21349: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromis
nvd
CVE-2022-21271MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21271 [MEDIUM] CVE-2022-21271: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoc
nvd
CVE-2022-21277MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21277 [MEDIUM] CVE-2022-21277: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to c
nvd
CVE-2022-21341MEDIUMCVSS 5.3≥ 11.0.0, ≤ 11.70.12022-01-19
CVE-2022-21341 [MEDIUM] CVE-2022-21341: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (co
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via mul
nvd