Vulnerabilities > Netapp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-16 | CVE-2024-0567 | Improper Verification of Cryptographic Signature vulnerability in multiple products A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. | 7.5 |
2024-01-15 | CVE-2024-0565 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. | 7.4 |
2024-01-12 | CVE-2024-21982 | Unspecified vulnerability in Netapp Clustered Data Ontap ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user. | 6.5 |
2023-12-21 | CVE-2023-27319 | Information Exposure Through an Error Message vulnerability in Netapp Ontap Mediator ONTAP Mediator versions prior to 1.7 are susceptible to a vulnerability that can allow an unauthenticated attacker to enumerate URLs via REST API. | 5.3 |
2023-12-15 | CVE-2023-27317 | Unspecified vulnerability in Netapp Ontap 9.12.1/9.13.1 ONTAP 9 versions 9.12.1P8, 9.13.1P4, and 9.13.1P5 are susceptible to a vulnerability which will cause all SAS-attached FIPS 140-2 drives to become unlocked after a system reboot or power cycle or a single SAS-attached FIPS 140-2 drive to become unlocked after reinsertion. low complexity netapp | 4.6 |
2023-11-14 | CVE-2023-23583 | Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. | 7.8 |
2023-11-03 | CVE-2023-31102 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive. | 7.8 |
2023-11-01 | CVE-2023-5178 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. | 8.8 |
2023-10-27 | CVE-2023-46604 | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. | 9.8 |
2023-10-25 | CVE-2023-5363 | Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. | 7.5 |