Total
34659 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-27050 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27049 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27048 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27047 | 1 Microsoft | 1 High Efficiency Video Coding | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27025 | 2 Fedoraproject, Puppet | 4 Fedora, Puppet, Puppet Agent and 1 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was discovered in Puppet Agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first 'pluginsync'. | |||||
| CVE-2021-27023 | 2 Fedoraproject, Puppet | 4 Fedora, Puppet Agent, Puppet Enterprise and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| A flaw was discovered in Puppet Agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 | |||||
| CVE-2021-27007 | 1 Netapp | 1 Virtual Desktop Service | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session. | |||||
| CVE-2021-27006 | 1 Netapp | 1 Storagegrid | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager. | |||||
| CVE-2021-27005 | 1 Netapp | 1 Ontap System Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server. | |||||
| CVE-2021-27004 | 1 Netapp | 1 Ontap System Manager | 2024-11-21 | 1.7 LOW | 5.5 MEDIUM |
| System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials. | |||||
| CVE-2021-27002 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to retrieve sensitive data via the web proxy. | |||||
| CVE-2021-27001 | 1 Netapp | 1 Clustered Data Ontap | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Clustered Data ONTAP versions 9.x prior to 9.5P18, 9.6P16, 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow an authenticated privileged local attacker to arbitrarily modify Compliance-mode WORM data prior to the end of the retention period. | |||||
| CVE-2021-26996 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to discover system configuration and application information which may aid in crafting more complex attacks. | |||||
| CVE-2021-26995 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code. | |||||
| CVE-2021-26994 | 1 Netapp | 1 Clustered Data Ontap | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Clustered Data ONTAP versions prior to 9.7P13 and 9.8P3 are susceptible to a vulnerability which could allow single workloads to cause a Denial of Service (DoS) on a cluster node. | |||||
| CVE-2021-26993 | 1 Netapp | 1 E-series Santricity Os Controller | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow a remote attacker to cause a partial Denial of Service (DoS) to the web server. | |||||
| CVE-2021-26992 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS). | |||||
| CVE-2021-26991 | 1 Netapp | 1 Cloud Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager. | |||||
| CVE-2021-26989 | 1 Netapp | 1 Data Ontap | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 and 9.8 are susceptible to a vulnerability which could allow a remote authenticated attacker to cause a Denial of Service (DoS) on clustered Data ONTAP configured for SMB access. | |||||
| CVE-2021-26987 | 2 Netapp, Vmware | 4 Element Plug-in For Vcenter Server, Management Services For Element Software And Netapp Hci, Solidfire \& Hci Management Node and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework. | |||||