Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-24 | CVE-2021-3999 | Off-by-one Error vulnerability in multiple products A flaw was found in glibc. | 7.8 |
2022-08-24 | CVE-2021-4204 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. | 7.1 |
2022-08-23 | CVE-2022-2938 | Use After Free vulnerability in multiple products A flaw was found in the Linux kernel's implementation of Pressure Stall Information. | 7.8 |
2022-08-23 | CVE-2022-31676 | Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. | 7.8 |
2022-08-18 | CVE-2021-33060 | Out-of-bounds Write vulnerability in multiple products Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
2022-08-10 | CVE-2022-28131 | Uncontrolled Recursion vulnerability in multiple products Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. | 7.5 |
2022-08-05 | CVE-2022-1973 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. | 7.1 |
2022-08-03 | CVE-2022-35737 | Improper Validation of Array Index vulnerability in multiple products SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. | 7.5 |
2022-07-29 | CVE-2022-36123 | The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). | 7.8 |
2022-07-27 | CVE-2022-36946 | nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. | 7.5 |