Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-01 | CVE-2023-2598 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. | 7.8 |
2023-05-31 | CVE-2022-48502 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel before 6.2. | 7.1 |
2023-05-30 | CVE-2023-2953 | NULL Pointer Dereference vulnerability in multiple products A vulnerability was found in openldap. | 7.5 |
2023-05-26 | CVE-2023-27311 | Path Traversal vulnerability in Netapp Blue XP Connector NetApp Blue XP Connector versions prior to 3.9.25 expose information via a directory listing. | 5.3 |
2023-05-26 | CVE-2023-2898 | NULL Pointer Dereference vulnerability in multiple products There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. | 4.7 |
2023-05-26 | CVE-2023-28319 | Use After Free vulnerability in multiple products A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. | 7.5 |
2023-05-26 | CVE-2023-28320 | Resource Exhaustion vulnerability in multiple products A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. | 5.9 |
2023-05-26 | CVE-2023-28321 | Improper Certificate Validation vulnerability in multiple products An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. | 5.9 |
2023-05-26 | CVE-2023-28322 | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. | 3.7 |
2023-05-22 | CVE-2023-28709 | The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. | 7.5 |