Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-06-10 CVE-2021-26691 Out-of-bounds Write vulnerability in multiple products
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow
network
low complexity
apache debian fedoraproject oracle netapp CWE-787
critical
9.8
2021-06-02 CVE-2021-26707 The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it.
network
low complexity
merge-deep-project netapp
critical
9.8
2021-06-02 CVE-2021-3520 Integer Overflow or Wraparound vulnerability in multiple products
There's a flaw in lz4.
network
low complexity
lz4-project netapp oracle splunk CWE-190
critical
9.8
2021-05-25 CVE-2021-33574 Use After Free vulnerability in multiple products
The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free.
network
low complexity
gnu fedoraproject netapp debian CWE-416
critical
9.8
2021-05-21 CVE-2020-36328 Out-of-bounds Write vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-787
critical
9.8
2021-05-21 CVE-2020-36329 Use After Free vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-416
critical
9.8
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
9.1
2021-03-19 CVE-2021-26990 Missing Authorization vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files.
network
low complexity
netapp CWE-862
critical
9.4
2021-03-12 CVE-2021-20231 Use After Free vulnerability in multiple products
A flaw was found in gnutls.
network
low complexity
gnu redhat fedoraproject netapp CWE-416
critical
9.8
2021-01-25 CVE-2021-23901 XXE vulnerability in multiple products
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18.
network
low complexity
apache netapp CWE-611
critical
9.1