High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-04	CVE-2022-43945	Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. network low complexity linux netapp CWE-770	7.5
2022-11-01	CVE-2022-3602	Out-of-bounds Write vulnerability in multiple products A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. network low complexity openssl fedoraproject netapp nodejs CWE-787	7.5
2022-10-31	CVE-2022-31690	Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. network high complexity vmware netapp	8.1
2022-10-29	CVE-2022-42915	Double Free vulnerability in multiple products curl before 7.86.0 has a double free. network high complexity haxx fedoraproject netapp apple splunk CWE-415	8.1
2022-10-26	CVE-2022-3705	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in vim and classified as problematic. network high complexity vim fedoraproject debian netapp CWE-119	7.5
2022-10-24	CVE-2022-43680	Use After Free vulnerability in multiple products In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. network low complexity libexpat-project debian fedoraproject netapp CWE-416	7.5
2022-10-21	CVE-2022-3649	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability was found in Linux Kernel. local high complexity linux debian netapp CWE-119	7.0
2022-10-19	CVE-2022-23241	Unspecified vulnerability in Netapp Clustered Data Ontap 9.11.1 Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are susceptible to a vulnerability which could allow an authenticated remote attacker to arbitrarily modify or delete WORM data prior to the end of the retention period. network low complexity netapp	8.1
2022-10-18	CVE-2022-21600	Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). network low complexity oracle netapp	7.2
2022-10-17	CVE-2022-3564	Race Condition vulnerability in multiple products A vulnerability classified as critical was found in Linux Kernel. high complexity linux debian netapp CWE-362	7.1