Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2022-05-03 CVE-2022-1473 Incomplete Cleanup vulnerability in multiple products
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries.
network
low complexity
openssl netapp CWE-459
7.5
7.5
2022-05-03 CVE-2022-29824 Integer Overflow or Wraparound vulnerability in multiple products
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows.
network
low complexity
xmlsoft fedoraproject debian netapp oracle CWE-190
6.5
6.5
2022-05-02 CVE-2022-29968 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.17.5.
local
low complexity
linux fedoraproject netapp CWE-909
7.8
7.8
2022-05-01 CVE-2022-25647 Deserialization of Untrusted Data vulnerability in multiple products
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
network
low complexity
google debian netapp oracle CWE-502
7.5
7.5
2022-05-01 CVE-2022-25844 The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value.
network
low complexity
angularjs fedoraproject netapp
7.5
7.5
2022-04-29 CVE-2022-1048 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params.
local
high complexity
linux redhat debian netapp CWE-416
7.0
7.0
2022-04-29 CVE-2022-1353 A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel.
local
low complexity
linux debian redhat netapp
7.1
7.1
2022-04-27 CVE-2022-24891 ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library.
network
low complexity
owasp oracle netapp
6.1
6.1
2022-04-27 CVE-2022-24735 Code Injection vulnerability in multiple products
Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle CWE-94
7.8
7.8
2022-04-27 CVE-2022-24736 NULL Pointer Dereference vulnerability in multiple products
Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle CWE-476
5.5
5.5