VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-05-17
CVE-2022-29581
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.
local
low complexity
linux
debian
canonical
netapp
7.8
7.8
2022-05-16
CVE-2022-1679
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages.
local
low complexity
linux
debian
netapp
7.8
7.8
2022-05-12
CVE-2022-30594
Missing Authorization vulnerability in multiple products
The Linux kernel before 5.17.2 mishandles seccomp permissions.
local
low complexity
linux
debian
netapp
CWE-862
7.8
7.8
2022-05-08
CVE-2022-1619
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
local
low complexity
vim
fedoraproject
debian
netapp
apple
7.8
7.8
2022-05-06
CVE-2022-24903
Improper Validation of Specified Quantity in Input vulnerability in multiple products
Rsyslog is a rocket-fast system for log processing.
network
high complexity
rsyslog
fedoraproject
debian
netapp
CWE-1284
8.1
8.1
2022-05-03
CVE-2022-1473
Incomplete Cleanup vulnerability in multiple products
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries.
network
low complexity
openssl
netapp
CWE-459
7.5
7.5
2022-05-02
CVE-2022-29968
Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.17.5.
local
low complexity
linux
fedoraproject
netapp
CWE-909
7.8
7.8
2022-05-01
CVE-2022-25647
Deserialization of Untrusted Data vulnerability in multiple products
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
network
low complexity
google
debian
netapp
oracle
CWE-502
7.5
7.5
2022-05-01
CVE-2022-25844
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value.
network
low complexity
angularjs
fedoraproject
netapp
7.5
7.5
2022-04-29
CVE-2022-1048
Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params.
local
high complexity
linux
redhat
debian
netapp
CWE-416
7.0
7.0
«
Previous
1
2
...
14
15
16
(current)
17
18
...
75
76
»
Next