Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
6.5
2023-02-17 CVE-2023-24329 Improper Input Validation vulnerability in multiple products
An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.
network
low complexity
python fedoraproject netapp CWE-20
7.5
7.5
2023-02-15 CVE-2023-0361 Information Exposure Through Discrepancy vulnerability in multiple products
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS.
network
high complexity
gnu redhat debian fedoraproject netapp CWE-203
7.4
7.4
2023-02-03 CVE-2023-25136 Double Free vulnerability in multiple products
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.
network
high complexity
openbsd fedoraproject netapp CWE-415
6.5
6.5
2023-01-17 CVE-2022-41858 NULL Pointer Dereference vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
7.1
2023-01-13 CVE-2023-23559 Integer Overflow or Wraparound vulnerability in multiple products
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
local
low complexity
linux netapp debian CWE-190
7.8
7.8
2022-12-23 CVE-2022-43551 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP.
network
low complexity
haxx fedoraproject netapp splunk CWE-319
7.5
7.5
2022-12-20 CVE-2022-38733 Unspecified vulnerability in Netapp Oncommand Insight
OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.
network
low complexity
netapp
8.6
8.6
2022-12-18 CVE-2022-47518 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
7.8
2022-12-18 CVE-2022-47519 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.0.11.
local
low complexity
linux debian netapp CWE-787
7.8
7.8