Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-21372 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).
network
low complexity
oracle netapp
4.0
4.0
2022-01-19 CVE-2022-21374 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema).
network
low complexity
oracle netapp
4.0
4.0
2022-01-19 CVE-2022-21378 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
5.5
5.5
2022-01-19 CVE-2022-21379 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin).
network
low complexity
oracle netapp
4.0
4.0
2022-01-19 CVE-2022-21380 Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).
high complexity
oracle netapp
4.0
4.0
2022-01-18 CVE-2021-4083 Race Condition vulnerability in multiple products
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition.
local
high complexity
linux netapp debian oracle CWE-362
7.0
7.0
2022-01-18 CVE-2022-23302 Deserialization of Untrusted Data vulnerability in multiple products
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to.
network
low complexity
apache netapp broadcom qos oracle CWE-502
8.8
8.8
2022-01-18 CVE-2022-23305 SQL Injection vulnerability in multiple products
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout.
network
low complexity
apache netapp broadcom qos oracle CWE-89
critical
 9.8
9.8
2022-01-14 CVE-2022-23222 NULL Pointer Dereference vulnerability in multiple products
kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.
local
low complexity
linux debian netapp fedoraproject CWE-476
7.8
7.8
2022-01-10 CVE-2022-22844 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field.
local
low complexity
libtiff debian netapp CWE-125
5.5
5.5