Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-17 | CVE-2022-3545 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability has been found in Linux Kernel and classified as critical. | 7.8 |
2022-10-13 | CVE-2022-31123 | Improper Verification of Cryptographic Signature vulnerability in multiple products Grafana is an open source observability and data visualization platform. | 7.8 |
2022-10-02 | CVE-2022-42003 | Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. | 7.5 |
2022-10-02 | CVE-2022-42004 | Deserialization of Untrusted Data vulnerability in multiple products In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. | 7.5 |
2022-09-29 | CVE-2022-38732 | Unspecified vulnerability in Netapp Snapcenter SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which could allow certain types of attacks that otherwise would be prevented. | 7.5 |
2022-09-21 | CVE-2022-38177 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-38178 | Memory Leak vulnerability in multiple products By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. | 7.5 |
2022-09-21 | CVE-2022-41222 | Use After Free vulnerability in multiple products mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. | 7.0 |
2022-09-14 | CVE-2022-3202 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. | 7.1 |
2022-09-09 | CVE-2022-2964 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. | 7.8 |