Vulnerabilities > Netapp > Ontap Select Deploy Administration Utility > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-48064 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c.
local
low complexity
gnu fedoraproject netapp CWE-770
5.5
2023-08-22 CVE-2022-48065 Memory Leak vulnerability in multiple products
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.
local
low complexity
gnu netapp fedoraproject CWE-401
5.5
2023-07-14 CVE-2023-2975 Improper Authentication vulnerability in multiple products
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation.
network
low complexity
openssl netapp CWE-287
5.3
2023-02-03 CVE-2023-25136 Double Free vulnerability in multiple products
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.
network
high complexity
openbsd fedoraproject netapp CWE-415
6.5
2022-08-31 CVE-2022-1354 Out-of-bounds Read vulnerability in multiple products
A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function.
5.5
2022-08-31 CVE-2022-1355 Stack-based Buffer Overflow vulnerability in multiple products
A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function.
6.1
2022-08-31 CVE-2022-39046 Information Exposure Through Log Files vulnerability in multiple products
An issue was discovered in the GNU C Library (glibc) 2.36.
network
low complexity
gnu netapp CWE-532
5.3
2022-08-29 CVE-2022-2953 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp debian CWE-125
5.5
2022-08-24 CVE-2021-4189 Unchecked Return Value vulnerability in multiple products
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode.
network
low complexity
python debian redhat netapp CWE-252
5.3
2022-08-24 CVE-2021-4214 Classic Buffer Overflow vulnerability in multiple products
A heap overflow flaw was found in libpngs' pngimage.c program.
local
low complexity
libpng debian netapp CWE-120
5.5