Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-07 CVE-2024-38286 Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89.
network
low complexity
apache netapp
7.5
7.5
2024-10-28 CVE-2024-49761 REXML is an XML toolkit for Ruby.
network
low complexity
ruby-lang netapp
7.5
7.5
2024-07-05 CVE-2024-39689 Insufficient Verification of Data Authenticity vulnerability in multiple products
Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts.
network
low complexity
certifi netapp CWE-345
7.5
7.5
2024-07-01 CVE-2024-38477 null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue.
network
low complexity
apache netapp
7.5
7.5
2024-07-01 CVE-2024-6387 Race Condition vulnerability in multiple products
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). 		8.1
8.1
2024-04-17 CVE-2024-21989 Unspecified vulnerability in Netapp Ontap Select Deploy Administration Utility
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges.
network
low complexity
netapp
8.8
8.8
2024-04-04 CVE-2024-27316 HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response.
network
low complexity
apache fedoraproject netapp
7.5
7.5
2024-03-10 CVE-2024-28757 XML Entity Expansion vulnerability in multiple products
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
network
low complexity
libexpat-project fedoraproject netapp CWE-776
7.5
7.5
2024-03-06 CVE-2024-25111 Uncontrolled Recursion vulnerability in multiple products
Squid is a web proxy cache.
network
low complexity
squid-cache fedoraproject netapp CWE-674
7.5
7.5
2024-02-26 CVE-2024-22201 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Jetty is a Java based web server and servlet engine.
network
low complexity
eclipse debian netapp CWE-770
7.5
7.5