Vulnerabilities > Netapp

DATE CVE VULNERABILITY TITLE RISK
2023-07-24 CVE-2023-32258 Improper Locking vulnerability in multiple products
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server.
network
high complexity
linux netapp CWE-667
8.1
8.1
2023-07-20 CVE-2022-28734 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position.
network
high complexity
gnu netapp CWE-787
7.0
7.0
2023-07-18 CVE-2023-38426 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38427 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-191
critical
 9.8
9.8
2023-07-18 CVE-2023-38428 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38430 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.9.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38431 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38432 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.10.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-17 CVE-2023-38403 Integer Overflow or Wraparound vulnerability in multiple products
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
network
low complexity
es debian fedoraproject netapp apple CWE-190
7.5
7.5
2023-07-14 CVE-2023-2975 Improper Authentication vulnerability in multiple products
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation.
network
low complexity
openssl netapp CWE-287
5.3
5.3