Active IQ Unified Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-19	CVE-2022-21360	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). network low complexity oracle netapp debian	5.3
2022-01-19	CVE-2022-21365	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). network low complexity oracle debian netapp	5.3
2022-01-19	CVE-2022-21366	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). network low complexity oracle netapp debian	5.3
2022-01-06	CVE-2021-46143	Integer Overflow or Wraparound vulnerability in multiple products In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. local low complexity libexpat-project netapp tenable siemens CWE-190	7.8
2022-01-01	CVE-2021-45960	Incorrect Calculation vulnerability in multiple products In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). network low complexity libexpat-project tenable debian siemens netapp CWE-682	8.8
2021-12-10	CVE-2021-44228	Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical	10.0
2021-11-15	CVE-2021-43618	Integer Overflow or Wraparound vulnerability in multiple products GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. network low complexity gmplib debian netapp CWE-190	7.5
2021-10-28	CVE-2021-22096	In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. network low complexity vmware netapp oracle	4.0
2021-10-20	CVE-2021-35603	Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). network high complexity oracle netapp debian fedoraproject	3.7
2021-10-20	CVE-2021-35618	Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). high complexity oracle netapp	1.4