Ontap Select Deploy Administration Utility

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-21	CVE-2022-0563	Information Exposure Through an Error Message vulnerability in multiple products A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. local low complexity kernel netapp CWE-209	5.5
2022-02-14	CVE-2021-45346	Memory Leak vulnerability in multiple products A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. network low complexity sqlite netapp CWE-401	4.3
2022-02-11	CVE-2022-0561	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff redhat fedoraproject debian netapp CWE-476	5.5
2022-02-11	CVE-2022-0562	NULL Pointer Dereference vulnerability in multiple products Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. local low complexity libtiff fedoraproject debian netapp CWE-476	5.5
2022-02-09	CVE-2022-0391	Injection vulnerability in multiple products A flaw was found in Python, specifically within the urllib.parse module. network low complexity python netapp fedoraproject oracle CWE-74	7.5
2022-01-10	CVE-2022-22844	Out-of-bounds Read vulnerability in multiple products LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. local low complexity libtiff debian netapp CWE-125	5.5
2021-12-15	CVE-2021-45078	Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. local low complexity gnu fedoraproject redhat debian netapp CWE-787	7.8
2021-12-14	CVE-2021-4044	Infinite Loop vulnerability in multiple products Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. network low complexity openssl netapp nodejs CWE-835	7.5
2021-10-12	CVE-2021-3671	NULL Pointer Dereference vulnerability in multiple products A null pointer de-reference was found in the way samba kerberos server handled missing sname in TGS-REQ (Ticket Granting Server - Request). network low complexity samba debian netapp CWE-476	6.5
2021-09-26	CVE-2021-41617	sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. local high complexity openbsd fedoraproject netapp oracle starwindsoftware	7.0