📦 Snapcenter

This vulnerability allows authenticated SnapCenter Server users to escalate privileges to admin level on remote systems where SnapCenter plug-ins are installed. It affects SnapCenter versions before 6...

CVE-2023-1096 is a critical authentication bypass vulnerability in NetApp SnapCenter that allows remote unauthenticated attackers to gain administrative access. This affects SnapCenter versions 4.7 be...

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

Node.js DNS library vulnerability allows remote code execution, XSS, and application crashes due to improper validation of DNS responses. Attackers can inject malicious hostnames leading to domain hij...

This CVE describes an out-of-bounds write vulnerability in Apache Commons Configuration that could allow attackers to write data beyond allocated memory boundaries. It affects versions from 2.0 up to ...

This vulnerability allows authenticated SnapCenter Server users to escalate privileges to admin level on remote systems where SnapCenter plug-ins are installed. It affects SnapCenter versions 4.8 thro...

This vulnerability in SnapCenter allows authenticated unprivileged users to escalate their privileges to administrative access. It affects SnapCenter versions 3.x and 4.x prior to 4.9, potentially com...

This vulnerability in Eclipse Jetty's HTTP/2 server implementation allows attackers to cause denial of service by sending invalid HTTP/2 requests that trigger resource cleanup failures. The bug preven...

This vulnerability in curl versions before 7.83.1 could cause the wrong file to be deleted when using the --no-clobber option with --remove-on-error. It affects systems using curl with these specific ...

CVE-2022-1292 is a command injection vulnerability in the c_rehash script distributed with OpenSSL. It allows attackers to execute arbitrary commands with script privileges when the script processes u...

This vulnerability in Python's mailcap module allows shell command injection when applications call mailcap.findmatch() with untrusted input. Attackers can execute arbitrary commands on affected syste...

This CVE describes a prototype pollution vulnerability in Node.js's console.table() function when user-controlled input is passed to the 'properties' parameter alongside an object with '__proto__' as ...

This vulnerability in MySQL Server's optimizer component allows authenticated attackers with network access to cause denial of service (server hangs or crashes) and perform unauthorized data modificat...

This vulnerability allows unauthenticated attackers to cause a denial of service (DoS) on MySQL Server running on Windows by crashing or hanging the service. It affects MySQL Server versions 8.0.25 an...

This vulnerability allows attackers to trick libcurl applications into using a malicious client certificate instead of the intended one when running in writable directories like /tmp. It affects appli...

CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the client. This affects curl clients using OpenSSL wit...

CVE-2021-29489 is a cross-site scripting (XSS) vulnerability in Highcharts JS versions 8 and earlier. It allows attackers to inject malicious scripts through untrusted chart options, potentially execu...

This vulnerability in Eclipse Jetty allows denial-of-service attacks by causing 100% CPU usage when processing large invalid TLS frames. Attackers can exploit this to make affected servers unresponsiv...

A vulnerability in Oracle MySQL's mysqldump client allows low-privileged attackers with network access to potentially access or modify sensitive data. The vulnerability affects MySQL Client versions 8...

This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hanging the server. It affects MySQL 8.4.0 and 9.0.0 ve...

This vulnerability in Apache Commons IO allows attackers to cause denial of service by consuming excessive CPU resources through maliciously crafted input to the XmlStreamReader class. It affects appl...