High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-10	CVE-2024-28757	XML Entity Expansion vulnerability in multiple products libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). network low complexity libexpat-project fedoraproject netapp CWE-776	7.5
2024-02-26	CVE-2024-22201	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jetty is a Java based web server and servlet engine. network low complexity eclipse debian netapp CWE-770	7.5
2024-01-16	CVE-2024-0567	Improper Verification of Cryptographic Signature vulnerability in multiple products A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. network low complexity gnu fedoraproject netapp debian CWE-347	7.5
2023-11-03	CVE-2023-31102	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. local low complexity 7-zip netapp CWE-191	7.8
2023-11-01	CVE-2023-5178	Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. network low complexity linux redhat netapp CWE-416	8.8
2023-09-21	CVE-2023-41993	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products The issue was addressed with improved checks. network low complexity apple fedoraproject debian oracle netapp webkitgtk CWE-754	8.8
2023-09-12	CVE-2023-4863	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. network low complexity google fedoraproject debian mozilla microsoft webmproject netapp bentley bandisoft CWE-787	8.8
2023-08-23	CVE-2023-41105	Untrusted Search Path vulnerability in multiple products An issue was discovered in Python 3.11 through 3.11.4. network low complexity python netapp CWE-426	7.5
2023-07-20	CVE-2022-28734	Out-of-bounds Write vulnerability in multiple products Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. network high complexity gnu netapp CWE-787	7.0
2023-05-30	CVE-2023-2953	NULL Pointer Dereference vulnerability in multiple products A vulnerability was found in openldap. network low complexity openldap redhat apple netapp CWE-476	7.5