Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2021-10-04 CVE-2021-32675 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis fedoraproject debian netapp oracle CWE-770
7.5
2021-10-04 CVE-2021-32687 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
high complexity
redis fedoraproject debian netapp oracle CWE-680
7.5
2021-10-04 CVE-2021-32762 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
low complexity
redis debian fedoraproject netapp oracle CWE-680
8.8
2021-10-04 CVE-2021-41099 Integer Overflow to Buffer Overflow vulnerability in multiple products
Redis is an open source, in-memory database that persists on disk.
network
high complexity
redis fedoraproject debian netapp oracle CWE-680
7.5
2021-10-02 CVE-2021-41864 Integer Overflow or Wraparound vulnerability in multiple products
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
local
low complexity
linux fedoraproject netapp debian CWE-190
7.8
2021-09-29 CVE-2021-22946 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl).
7.5
2021-09-26 CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. 7.0
2021-09-20 CVE-2021-38300 arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context.
local
low complexity
linux netapp debian
7.8
2021-09-19 CVE-2021-41073 Release of Invalid Pointer or Reference vulnerability in multiple products
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
local
low complexity
linux debian fedoraproject netapp CWE-763
7.8
2021-09-16 CVE-2021-34798 NULL Pointer Dereference vulnerability in multiple products
Malformed requests may cause the server to dereference a NULL pointer.
7.5