Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-08 | CVE-2022-1619 | Heap-based Buffer Overflow vulnerability in multiple products Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. | 7.8 |
2022-05-06 | CVE-2022-24903 | Improper Validation of Specified Quantity in Input vulnerability in multiple products Rsyslog is a rocket-fast system for log processing. | 8.1 |
2022-05-03 | CVE-2022-1473 | Incomplete Cleanup vulnerability in multiple products The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. | 7.5 |
2022-05-02 | CVE-2022-29968 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in the Linux kernel through 5.17.5. | 7.8 |
2022-05-01 | CVE-2022-25647 | Deserialization of Untrusted Data vulnerability in multiple products The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks. | 7.5 |
2022-05-01 | CVE-2022-25844 | The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. | 7.5 |
2022-04-29 | CVE-2022-1048 | Use After Free vulnerability in multiple products A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. | 7.0 |
2022-04-29 | CVE-2022-1353 | A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. | 7.1 |
2022-04-27 | CVE-2022-24735 | Code Injection vulnerability in multiple products Redis is an in-memory database that persists on disk. | 7.8 |
2022-04-22 | CVE-2021-38886 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |