Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-5178 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
critical
 9.8
9.8
2023-10-18 CVE-2023-38545 Out-of-bounds Write vulnerability in multiple products
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only.
network
low complexity
haxx fedoraproject netapp microsoft CWE-787
critical
 9.8
9.8
2023-07-18 CVE-2023-38432 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.10.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38431 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38430 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.9.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38428 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-07-18 CVE-2023-38427 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-191
critical
 9.8
9.8
2023-07-18 CVE-2023-38426 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
 9.1
9.1
2023-05-12 CVE-2023-1096 Unspecified vulnerability in Netapp Snapcenter 4.7/4.8
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user.
network
low complexity
netapp
critical
 9.8
9.8
2023-03-17 CVE-2023-28531 ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.
network
low complexity
openbsd netapp
critical
 9.8
9.8