Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-18 CVE-2022-0742 Memory Leak vulnerability in multiple products
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131.
network
low complexity
linux netapp CWE-401
7.5
2022-03-16 CVE-2022-27223 Improper Validation of Array Index vulnerability in multiple products
In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.
network
low complexity
linux netapp debian CWE-129
8.8
2022-03-15 CVE-2022-0778 Infinite Loop vulnerability in multiple products
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.
7.5
2022-03-11 CVE-2020-36518 Out-of-bounds Write vulnerability in multiple products
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
network
low complexity
fasterxml oracle debian netapp CWE-787
7.5
2022-03-10 CVE-2022-26488 Untrusted Search Path vulnerability in multiple products
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured.
local
high complexity
python netapp CWE-426
7.0
2022-03-10 CVE-2022-0516 A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel.
local
low complexity
linux fedoraproject debian redhat netapp
7.8
2022-03-10 CVE-2022-0847 Improper Initialization vulnerability in multiple products
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values.
7.8
2022-03-10 CVE-2022-0891 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
network
low complexity
libtiff debian fedoraproject netapp CWE-787
7.1
2022-03-10 CVE-2021-3739 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’.
local
low complexity
linux fedoraproject netapp CWE-476
7.1
2022-03-06 CVE-2022-26490 Classic Buffer Overflow vulnerability in multiple products
st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.
local
low complexity
linux fedoraproject netapp debian CWE-120
7.8