VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Netapp
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-11-02
CVE-2017-5123
Improper Input Validation vulnerability in multiple products
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
local
low complexity
linux
netapp
CWE-20
8.8
8.8
2021-11-01
CVE-2021-27005
Unspecified vulnerability in Netapp Ontap System Manager 9.7/9.8/9.9.12
Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.
network
low complexity
netapp
7.5
7.5
2021-11-01
CVE-2021-27004
Unspecified vulnerability in Netapp Ontap System Manager 9.7/9.8/9.9.12
System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials.
local
low complexity
netapp
5.5
5.5
2021-10-29
CVE-2021-25742
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
network
low complexity
kubernetes
netapp
7.1
7.1
2021-10-28
CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
network
low complexity
vmware
netapp
oracle
4.3
4.3
2021-10-28
CVE-2021-43057
Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.14.8.
local
low complexity
linux
netapp
CWE-416
7.8
7.8
2021-10-27
CVE-2021-25219
In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance.
network
low complexity
isc
debian
fedoraproject
netapp
siemens
oracle
5.3
5.3
2021-10-26
CVE-2021-41182
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
debian
drupal
oracle
tenable
6.1
6.1
2021-10-26
CVE-2021-41183
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
debian
drupal
oracle
tenable
6.1
6.1
2021-10-26
CVE-2021-41184
jQuery-UI is the official jQuery user interface library.
network
low complexity
jqueryui
fedoraproject
netapp
drupal
tenable
oracle
6.1
6.1
«
Previous
1
2
...
51
52
53
(current)
54
55
...
184
185
»
Next