Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-26 CVE-2022-22576 Missing Authentication for Critical Function vulnerability in multiple products
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.
network
low complexity
haxx debian netapp brocade splunk CWE-306
8.1
2022-05-25 CVE-2022-1678 An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
network
low complexity
linux netapp
7.5
2022-05-19 CVE-2022-28948 Deserialization of Untrusted Data vulnerability in multiple products
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
network
low complexity
yaml-project netapp CWE-502
7.5
2022-05-19 CVE-2022-1183 Reachable Assertion vulnerability in multiple products
On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure.
network
low complexity
isc netapp CWE-617
7.5
2022-05-18 CVE-2022-1734 Use After Free vulnerability in multiple products
A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
local
high complexity
linux debian netapp CWE-416
7.0
2022-05-17 CVE-2022-1116 Integer Overflow or Wraparound vulnerability in multiple products
Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root.
local
low complexity
linux netapp CWE-190
7.8
2022-05-17 CVE-2022-29581 Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.
local
low complexity
linux debian canonical netapp
7.8
2022-05-16 CVE-2022-1679 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages.
local
low complexity
linux debian netapp CWE-416
7.8
2022-05-12 CVE-2022-30594 Missing Authorization vulnerability in multiple products
The Linux kernel before 5.17.2 mishandles seccomp permissions.
local
low complexity
linux debian netapp CWE-862
7.8
2022-05-08 CVE-2022-1619 Heap-based Buffer Overflow vulnerability in multiple products
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899.
local
low complexity
vim fedoraproject debian netapp apple CWE-122
7.8