Vulnerabilities > Netapp > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-12 | CVE-2023-1096 | Unspecified vulnerability in Netapp Snapcenter 4.7/4.8 SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. | 9.8 |
2023-03-17 | CVE-2023-28531 | ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. | 9.8 |
2023-02-23 | CVE-2023-23914 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. | 9.1 |
2022-12-05 | CVE-2022-32221 | Exposure of Resource to Wrong Sphere vulnerability in multiple products When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously was used to issue a `PUT` request which used that callback. | 9.8 |
2022-10-31 | CVE-2022-31692 | Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. | 9.8 |
2022-10-13 | CVE-2022-42889 | Code Injection vulnerability in multiple products Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. | 9.8 |
2022-09-09 | CVE-2022-2526 | Use After Free vulnerability in multiple products A use-after-free vulnerability was found in systemd. | 9.8 |
2022-09-01 | CVE-2020-35527 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause. | 9.8 |
2022-08-05 | CVE-2022-37434 | Out-of-bounds Write vulnerability in multiple products zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. | 9.8 |
2022-07-07 | CVE-2022-32207 | Incorrect Default Permissions vulnerability in multiple products When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended. | 9.8 |