Vulnerabilities > Netapp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-16 | CVE-2021-45100 | Cleartext Transmission of Sensitive Information vulnerability in multiple products The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. | 7.5 |
| 2021-12-15 | CVE-2021-45078 | Out-of-bounds Write vulnerability in multiple products stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. | 7.8 |
| 2021-12-14 | CVE-2021-4044 | Infinite Loop vulnerability in multiple products Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. | 7.5 |
| 2021-12-13 | CVE-2021-43818 | lxml is a library for processing XML and HTML in the Python language. | 7.1 |
| 2021-12-10 | CVE-2021-44228 | Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity siemens apache intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical | 10.0 |
| 2021-12-09 | CVE-2021-43797 | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 6.5 |
| 2021-12-09 | CVE-2021-29678 | Incorrect Authorization vulnerability in multiple products IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user with DBADM authority to access other databases and read or modify files. | 8.7 |
| 2021-12-09 | CVE-2021-38926 | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. | 5.5 |
| 2021-12-09 | CVE-2021-38931 | Exposure of Resource to Wrong Sphere vulnerability in multiple products IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1, and 11.5 is vulnerable to an information disclosure as a result of a connected user having indirect read access to a table where they are not authorized to select from. | 6.5 |
| 2021-12-09 | CVE-2021-39002 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |