Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-29 CVE-2022-1353 A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel.
local
low complexity
linux debian redhat netapp
7.1
2022-04-27 CVE-2022-24735 Redis is an in-memory database that persists on disk.
local
low complexity
redis fedoraproject netapp oracle
7.8
2022-04-22 CVE-2021-38886 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
8.8
2022-04-20 CVE-2022-24675 Uncontrolled Recursion vulnerability in multiple products
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
network
low complexity
golang fedoraproject netapp CWE-674
7.5
2022-04-13 CVE-2015-20107 Command Injection vulnerability in multiple products
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file.
network
low complexity
python netapp fedoraproject CWE-77
7.6
2022-04-13 CVE-2022-29156 Double Free vulnerability in multiple products
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
local
low complexity
linux netapp CWE-415
7.8
2022-04-11 CVE-2022-28893 Use After Free vulnerability in multiple products
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
local
low complexity
linux netapp debian CWE-416
7.8
2022-04-08 CVE-2022-28796 Race Condition vulnerability in multiple products
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
local
high complexity
linux redhat fedoraproject netapp CWE-362
7.0
2022-04-04 CVE-2022-24785 Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates.
network
low complexity
momentjs tenable netapp fedoraproject debian
7.5
2022-04-03 CVE-2022-28390 Double Free vulnerability in multiple products
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
7.8