Management_services_for_element_software - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Management_services_for_element_software
(Netapp)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	25

Date	Id	Summary	Products	Score	Patch	Annotated
2022-11-09	CVE-2022-37967	Windows Kerberos Elevation of Privilege Vulnerability	Fedora, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Management_services_for_element_software, Management_services_for_netapp_hci, Samba	7.2
2022-11-09	CVE-2022-38023	Netlogon RPC Elevation of Privilege Vulnerability	Fedora, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Management_services_for_element_software, Management_services_for_netapp_hci, Samba	8.1
2022-08-05	CVE-2022-37434	zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).	Ipados, Iphone_os, Macos, Watchos, Debian_linux, Fedora, Active_iq_unified_manager, H300s_firmware, H500s_firmware, H700s_firmware, Hci, Hci_compute_node, Management_services_for_element_software, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Storagegrid, Stormshield_network_security, Zlib	9.8
2022-08-29	CVE-2022-36033	jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a...	Jsoup, Management_services_for_element_software, Management_services_for_netapp_hci, Oncommand_workflow_automation	6.1
2021-05-27	CVE-2021-22118	In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.	Hci, Management_services_for_element_software, Commerce_guided_search, Communications_brm_\-_elastic_charging_engine, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_policy, Communications_cloud_native_core_security_edge_protection_proxy, Communications_cloud_native_core_service_communication_proxy, Communications_cloud_native_core_unified_data_repository, Communications_diameter_intelligence_hub, Communications_element_manager, Communications_interactive_session_recorder, Communications_network_integrity, Communications_session_report_manager, Communications_session_route_manager, Communications_unified_inventory_management, Documaker, Enterprise_data_quality, Financial_services_analytical_applications_infrastructure, Healthcare_data_repository, Insurance_policy_administration, Insurance_rules_palette, Mysql_enterprise_monitor, Retail_assortment_planning, Retail_customer_management_and_segmentation_foundation, Retail_financial_integration, Retail_integration_bus, Retail_merchandising_system, Retail_order_broker, Retail_predictive_application_server, Utilities_testing_accelerator, Spring_framework	7.8