Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-02-11 CVE-2022-24958 Release of Invalid Pointer or Reference vulnerability in multiple products
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
local
low complexity
linux fedoraproject netapp debian CWE-763
7.8
7.8
2022-02-11 CVE-2022-23772 Integer Overflow or Wraparound vulnerability in multiple products
Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
network
low complexity
golang netapp debian CWE-190
7.5
7.5
2022-02-11 CVE-2022-23773 Interpretation Conflict vulnerability in multiple products
cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags.
network
low complexity
golang netapp CWE-436
7.5
7.5
2022-02-09 CVE-2021-0091 Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
intel netapp
7.8
7.8
2022-02-09 CVE-2021-0099 Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
intel netapp
7.8
7.8
2022-02-09 CVE-2021-0116 Out-of-bounds Write vulnerability in multiple products
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel CWE-787
7.8
7.8
2022-02-09 CVE-2021-0117 Pointer issues in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel
7.8
7.8
2022-02-09 CVE-2021-0156 Improper Input Validation vulnerability in multiple products
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
netapp intel CWE-20
7.8
7.8
2022-02-09 CVE-2022-0391 Injection vulnerability in multiple products
A flaw was found in Python, specifically within the urllib.parse module.
network
low complexity
python netapp fedoraproject oracle CWE-74
7.5
7.5
2022-02-08 CVE-2022-21703 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana netapp fedoraproject CWE-352
8.8
8.8