Ontap Select Deploy Administration Utility

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-24	CVE-2021-4214	Classic Buffer Overflow vulnerability in multiple products A heap overflow flaw was found in libpngs' pngimage.c program. local low complexity libpng debian netapp CWE-120	5.5
2022-08-23	CVE-2021-3975	Use After Free vulnerability in multiple products A use-after-free flaw was found in libvirt. network low complexity redhat canonical fedoraproject debian netapp CWE-416	6.5
2022-08-23	CVE-2022-31676	Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. local low complexity vmware debian fedoraproject netapp CWE-269	7.8
2022-08-05	CVE-2022-37434	Out-of-bounds Write vulnerability in multiple products zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. network low complexity zlib fedoraproject debian netapp apple stormshield CWE-787 critical	9.8
2022-08-03	CVE-2022-35737	Improper Validation of Array Index vulnerability in multiple products SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. network low complexity sqlite netapp splunk CWE-129	7.5
2022-07-29	CVE-2022-34526	Out-of-bounds Write vulnerability in multiple products A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. network low complexity libtiff fedoraproject netapp debian CWE-787	6.5
2022-07-06	CVE-2021-3695	Out-of-bounds Write vulnerability in multiple products A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. local high complexity gnu fedoraproject redhat netapp CWE-787	4.5
2022-07-06	CVE-2021-3696	Out-of-bounds Write vulnerability in multiple products A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. local high complexity gnu redhat netapp CWE-787	4.5
2022-07-01	CVE-2022-34903	Injection vulnerability in multiple products GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. network high complexity gnupg fedoraproject debian netapp CWE-74	6.5
2022-06-21	CVE-2022-2068	OS Command Injection vulnerability in multiple products In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. network low complexity openssl debian fedoraproject siemens netapp broadcom CWE-78 critical	9.8