Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-21 CVE-2022-3649 A vulnerability was found in Linux Kernel.
local
high complexity
linux debian netapp
7.0
2022-10-19 CVE-2022-23241 Unspecified vulnerability in Netapp Clustered Data Ontap 9.11.1
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
network
low complexity
netapp
8.1
2022-10-17 CVE-2022-3564 Race Condition vulnerability in multiple products
A vulnerability classified as critical was found in Linux Kernel.
high complexity
linux debian netapp CWE-362
7.1
2022-10-17 CVE-2022-3545 A vulnerability has been found in Linux Kernel and classified as critical.
local
low complexity
linux netapp debian
7.8
2022-10-13 CVE-2022-31123 Grafana is an open source observability and data visualization platform.
local
low complexity
grafana netapp
7.8
2022-10-02 CVE-2022-42003 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
2022-10-02 CVE-2022-42004 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
2022-09-29 CVE-2022-38732 Unspecified vulnerability in Netapp Snapcenter
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.
network
low complexity
netapp
7.5
2022-09-21 CVE-2022-38177 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
2022-09-21 CVE-2022-38178 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5