High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-26	CVE-2022-1671	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. local low complexity linux netapp CWE-476	7.1
2022-07-19	CVE-2022-34169	Incorrect Conversion between Numeric Types vulnerability in multiple products The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. network low complexity apache debian oracle fedoraproject netapp azul CWE-681	7.5
2022-07-15	CVE-2022-30634	Infinite Loop vulnerability in multiple products Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. network low complexity golang netapp CWE-835	7.5
2022-07-15	CVE-2022-31107	Incorrect Authorization vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network high complexity grafana netapp CWE-863	7.5
2022-07-15	CVE-2022-31097	Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp CWE-79	8.7
2022-07-07	CVE-2022-2048	In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. network low complexity eclipse debian netapp jenkins	7.5
2022-07-04	CVE-2022-34918	Type Confusion vulnerability in multiple products An issue was discovered in the Linux kernel through 5.18.9. local low complexity linux debian canonical netapp CWE-843	7.8
2022-06-13	CVE-2022-29244	Information Exposure vulnerability in multiple products npm pack ignores root-level .gitignore and .npmignore file exclusion directives when run in a workspace or with a workspace flag (ie. network low complexity npmjs netapp CWE-200	7.5
2022-06-09	CVE-2022-26377	HTTP Request Smuggling vulnerability in multiple products Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. network low complexity apache fedoraproject netapp CWE-444	7.5
2022-06-09	CVE-2022-29404	Allocation of Resources Without Limits or Throttling vulnerability in multiple products In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. network low complexity apache fedoraproject netapp CWE-770	7.5