Vulnerabilities > Netapp > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-05-21 CVE-2020-36330 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject debian redhat netapp apple CWE-125
critical
 9.1
9.1
2021-05-21 CVE-2020-36331 Out-of-bounds Read vulnerability in multiple products
A flaw was found in libwebp in versions before 1.0.1.
network
low complexity
webmproject redhat netapp debian apple CWE-125
critical
 9.1
9.1
2021-05-04 CVE-2021-23383 The package handlebars before 4.7.7 are vulnerable to Prototype Pollution when selecting certain compiling options to compile templates coming from an untrusted source.
network
low complexity
handlebarsjs netapp
critical
 9.8
9.8
2021-04-29 CVE-2021-25216 Out-of-bounds Read vulnerability in multiple products
In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features.
network
low complexity
debian isc siemens netapp CWE-125
critical
 9.8
9.8
2021-03-19 CVE-2021-26990 Missing Authorization vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files.
network
low complexity
netapp CWE-862
critical
 9.1
9.1
2021-03-15 CVE-2021-26987 Element Plug-in for vCenter Server incorporates SpringBoot Framework.
network
low complexity
vmware netapp
critical
 9.8
9.8
2021-03-12 CVE-2021-20231 A flaw was found in gnutls.
network
low complexity
gnu redhat fedoraproject netapp
critical
 9.8
9.8
2021-01-25 CVE-2021-23901 XXE vulnerability in multiple products
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18.
network
low complexity
apache netapp CWE-611
critical
 9.1
9.1
2021-01-19 CVE-2021-3177 Classic Buffer Overflow vulnerability in multiple products
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param.
network
low complexity
python fedoraproject netapp debian oracle CWE-120
critical
 9.8
9.8
2021-01-14 CVE-2021-23926 XML Entity Expansion vulnerability in multiple products
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input.
network
low complexity
apache netapp debian oracle CWE-776
critical
 9.1
9.1