Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-17 CVE-2022-3545 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A vulnerability has been found in Linux Kernel and classified as critical.
local
low complexity
linux netapp debian CWE-119
7.8
2022-10-13 CVE-2022-31123 Improper Verification of Cryptographic Signature vulnerability in multiple products
Grafana is an open source observability and data visualization platform.
local
low complexity
grafana netapp CWE-347
7.8
2022-10-02 CVE-2022-42003 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
2022-10-02 CVE-2022-42004 Deserialization of Untrusted Data vulnerability in multiple products
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays.
network
low complexity
fasterxml quarkus debian netapp CWE-502
7.5
2022-09-29 CVE-2022-38732 Unspecified vulnerability in Netapp Snapcenter
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented.
network
low complexity
netapp
7.5
2022-09-21 CVE-2022-38177 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
2022-09-21 CVE-2022-38178 Memory Leak vulnerability in multiple products
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak.
network
low complexity
isc debian fedoraproject netapp CWE-401
7.5
2022-09-21 CVE-2022-41222 Use After Free vulnerability in multiple products
mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
local
high complexity
linux debian netapp canonical CWE-416
7.0
2022-09-14 CVE-2022-3202 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel.
local
low complexity
linux netapp CWE-476
7.1
2022-09-09 CVE-2022-2964 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices.
local
low complexity
linux redhat netapp CWE-119
7.8