Vulnerabilities > Netapp > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-22 | CVE-2021-35942 | Integer Overflow or Wraparound vulnerability in multiple products The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. | 9.1 |
| 2021-06-10 | CVE-2021-26691 | Out-of-bounds Write vulnerability in multiple products In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow | 9.8 |
| 2021-06-02 | CVE-2021-26707 | The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. | 9.8 |
| 2021-06-02 | CVE-2021-3520 | Integer Overflow or Wraparound vulnerability in multiple products There's a flaw in lz4. | 9.8 |
| 2021-06-01 | CVE-2020-4561 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 DQM API allows submitting of all control requests in unauthenticated sessions. | 10.0 |
| 2021-05-25 | CVE-2021-33574 | Use After Free vulnerability in multiple products The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. | 9.8 |
| 2021-05-21 | CVE-2020-36328 | Out-of-bounds Write vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
| 2021-05-21 | CVE-2020-36329 | Use After Free vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.8 |
| 2021-05-21 | CVE-2020-36330 | Out-of-bounds Read vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.1 |
| 2021-05-21 | CVE-2020-36331 | Out-of-bounds Read vulnerability in multiple products A flaw was found in libwebp in versions before 1.0.1. | 9.1 |