High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-18	CVE-2021-33060	Out-of-bounds Write vulnerability in multiple products Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. local low complexity intel netapp CWE-787	7.8
2022-08-10	CVE-2022-28131	Uncontrolled Recursion vulnerability in multiple products Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document. network low complexity golang fedoraproject netapp CWE-674	7.5
2022-08-05	CVE-2022-1973	A use-after-free flaw was found in the Linux kernel in log_replay in fs/ntfs3/fslog.c in the NTFS journal. local low complexity linux fedoraproject netapp	7.1
2022-08-03	CVE-2022-35737	Improper Validation of Array Index vulnerability in multiple products SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API. network low complexity sqlite netapp splunk CWE-129	7.5
2022-07-29	CVE-2022-36123	The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). local low complexity linux netapp	7.8
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. network low complexity linux debian netapp	7.5
2022-07-26	CVE-2022-1671	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. local low complexity linux netapp CWE-476	7.1
2022-07-19	CVE-2022-34169	Incorrect Conversion between Numeric Types vulnerability in multiple products The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. network low complexity apache debian oracle fedoraproject netapp azul CWE-681	7.5
2022-07-15	CVE-2022-30634	Infinite Loop vulnerability in multiple products Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. network low complexity golang netapp CWE-835	7.5
2022-07-15	CVE-2022-31107	Grafana is an open-source platform for monitoring and observability. network high complexity grafana netapp	7.5