Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-22 | CVE-2023-28709 | Off-by-one Error vulnerability in multiple products The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. | 7.5 |
| 2023-05-21 | CVE-2023-33250 | Use After Free vulnerability in multiple products The Linux kernel 6.3 has a use-after-free in iopt_unmap_iova_range in drivers/iommu/iommufd/io_pagetable.c. | 4.4 |
| 2023-05-15 | CVE-2023-2124 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). | 7.8 |
| 2023-05-12 | CVE-2023-1096 | Unspecified vulnerability in Netapp Snapcenter 4.7/4.8 SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. | 9.8 |
| 2023-05-08 | CVE-2023-32233 | Use After Free vulnerability in multiple products In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. | 7.8 |
| 2023-05-01 | CVE-2023-2236 | Use After Free vulnerability in multiple products A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4. | 7.8 |
| 2023-04-25 | CVE-2023-0045 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. | 7.5 |
| 2023-04-25 | CVE-2023-2269 | Improper Locking vulnerability in multiple products A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component. | 4.4 |
| 2023-04-25 | CVE-2023-29552 | The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. | 7.5 |
| 2023-04-24 | CVE-2023-2007 | Improper Locking vulnerability in multiple products The specific flaw exists within the DPT I2O Controller driver. | 7.8 |