Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2022-09-21 CVE-2022-38178 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
7.5
2022-09-21 CVE-2022-41222 Use After Free vulnerability in multiple products
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
local
high complexity
linux debian netapp canonical CWE-416
7.0
7.0
2022-09-14 CVE-2022-3202 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
7.1
2022-09-09 CVE-2022-2526 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in systemd.
network
low complexity
systemd-project netapp CWE-416
critical
 9.8
9.8
2022-09-09 CVE-2022-2964 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices.
local
low complexity
linux redhat netapp CWE-119
7.8
7.8
2022-09-02 CVE-2022-39189 An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17.
local
low complexity
linux netapp
7.8
7.8
2022-09-01 CVE-2022-1729 Race Condition vulnerability in multiple products
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges.
local
high complexity
linux netapp CWE-362
7.0
7.0
2022-09-01 CVE-2022-2764 A flaw was found in Undertow.
network
low complexity
redhat netapp
4.9
4.9
2022-09-01 CVE-2020-4301 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
6.5
6.5
2022-09-01 CVE-2021-20468 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
6.5
6.5