Vulnerabilities > Netapp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-18 | CVE-2022-0742 | Memory Leak vulnerability in multiple products Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. | 7.5 |
2022-03-16 | CVE-2022-27223 | Improper Validation of Array Index vulnerability in multiple products In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. | 8.8 |
2022-03-15 | CVE-2022-0778 | Infinite Loop vulnerability in multiple products The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. | 7.5 |
2022-03-11 | CVE-2020-36518 | Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | 7.5 |
2022-03-10 | CVE-2022-26488 | Untrusted Search Path vulnerability in multiple products In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. | 7.0 |
2022-03-10 | CVE-2022-0516 | A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. | 7.8 |
2022-03-10 | CVE-2022-0847 | Improper Initialization vulnerability in multiple products A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. | 7.8 |
2022-03-10 | CVE-2022-0891 | Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | 7.1 |
2022-03-10 | CVE-2021-3739 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. | 7.1 |
2022-03-06 | CVE-2022-26490 | Classic Buffer Overflow vulnerability in multiple products st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | 7.8 |