Vulnerabilities > Netapp > Active IQ Unified Manager > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-23 CVE-2022-40303 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in libxml2 before 2.10.3.
network
low complexity
xmlsoft netapp apple CWE-190
7.5
2022-11-13 CVE-2022-3970 Numeric Errors vulnerability in multiple products
A vulnerability was found in LibTIFF.
network
low complexity
libtiff netapp debian apple CWE-189
8.8
2022-11-09 CVE-2022-45061 Algorithmic Complexity vulnerability in multiple products
An issue was discovered in Python before 3.11.1.
network
low complexity
python fedoraproject netapp CWE-407
7.5
2022-11-04 CVE-2022-43945 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow.
network
low complexity
linux netapp CWE-770
7.5
2022-10-31 CVE-2022-31690 Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions.
network
high complexity
vmware netapp
8.1
2022-10-26 CVE-2022-3705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in vim and classified as problematic.
network
high complexity
vim fedoraproject debian netapp CWE-119
7.5
2022-10-24 CVE-2022-43680 Use After Free vulnerability in multiple products
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
7.5
2022-10-21 CVE-2022-3649 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
high complexity
linux debian netapp CWE-119
7.0
2022-09-21 CVE-2022-38177 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
2022-09-21 CVE-2022-38178 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5