Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-14 | CVE-2023-2975 | Improper Authentication vulnerability in multiple products Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation. | 5.3 |
| 2023-07-10 | CVE-2023-32250 | Race Condition vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-10 | CVE-2023-32254 | Race Condition vulnerability in multiple products A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. | 8.1 |
| 2023-07-05 | CVE-2023-35001 | Out-of-bounds Write vulnerability in multiple products Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | 7.8 |
| 2023-06-30 | CVE-2023-3338 | NULL Pointer Dereference vulnerability in multiple products A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol. | 6.5 |
| 2023-06-28 | CVE-2023-3390 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. | 7.8 |
| 2023-06-28 | CVE-2023-1295 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. | 7.0 |
| 2023-06-23 | CVE-2023-3212 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. | 4.4 |
| 2023-06-18 | CVE-2023-35826 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 6.3.2. | 7.0 |
| 2023-06-18 | CVE-2023-35828 | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 6.3.2. | 7.0 |