11.60

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-01	CVE-2024-6387	Race Condition vulnerability in multiple products A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). network high complexity openbsd redhat suse debian canonical amazon netapp freebsd netbsd CWE-362	8.1
2024-04-03	CVE-2024-26733	Out-of-bounds Write vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). local low complexity linux debian netapp CWE-787	5.5
2024-04-03	CVE-2024-26735	Use After Free vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family. local low complexity linux debian netapp CWE-416	5.5
2023-04-18	CVE-2023-26049	Jetty is a java based web server and servlet engine. network low complexity eclipse debian netapp	5.3
2022-06-02	CVE-2022-23236	Cleartext Storage of Sensitive Information vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software versions 11.40 through 11.70.2 store the LDAP BIND password in plaintext within a file accessible only to privileged users. local low complexity netapp CWE-312	4.4
2022-06-02	CVE-2022-23237	Open Redirect vulnerability in Netapp E-Series Santricity OS Controller E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host header injection attacks that could allow an attacker to redirect users to malicious websites. network low complexity netapp CWE-601	6.1
2022-05-25	CVE-2022-1678	An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients. network low complexity linux netapp	7.5
2022-04-19	CVE-2022-21496	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). network low complexity oracle netapp debian azul	5.3
2022-03-25	CVE-2021-4203	A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. network high complexity linux netapp oracle	6.8
2022-03-25	CVE-2018-25032	Out-of-bounds Write vulnerability in multiple products zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. network low complexity nokogiri zlib debian fedoraproject apple python mariadb netapp siemens azul goto CWE-787	7.5