Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-04 CVE-2022-43945 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow.
network
low complexity
linux netapp CWE-770
7.5
2022-11-01 CVE-2022-3602 Out-of-bounds Write vulnerability in multiple products
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking.
network
low complexity
openssl fedoraproject netapp nodejs CWE-787
7.5
2022-10-31 CVE-2022-31690 Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions.
network
high complexity
vmware netapp
8.1
2022-10-29 CVE-2022-42915 Double Free vulnerability in multiple products
curl before 7.86.0 has a double free.
network
high complexity
haxx fedoraproject netapp apple splunk CWE-415
8.1
2022-10-26 CVE-2022-3705 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in vim and classified as problematic.
network
high complexity
vim fedoraproject debian netapp CWE-119
7.5
2022-10-24 CVE-2022-43680 Use After Free vulnerability in multiple products
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
7.5
2022-10-21 CVE-2022-3649 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability was found in Linux Kernel.
local
high complexity
linux debian netapp CWE-119
7.0
2022-10-19 CVE-2022-23241 Unspecified vulnerability in Netapp Clustered Data Ontap 9.11.1
Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period.
network
low complexity
netapp
8.1
2022-10-18 CVE-2022-21600 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp
7.2
2022-10-17 CVE-2022-3564 Race Condition vulnerability in multiple products
A vulnerability classified as critical was found in Linux Kernel.
high complexity
linux debian netapp CWE-362
7.1