Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-20 CVE-2021-28952 Classic Buffer Overflow vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.8.
local
low complexity
linux fedoraproject netapp CWE-120
7.8
2021-03-19 CVE-2021-21267 Resource Exhaustion vulnerability in multiple products
Schema-Inspector is an open-source tool to sanitize and validate JS objects (npm package schema-inspector).
network
low complexity
schema-inspector-project netapp CWE-400
7.5
2021-03-19 CVE-2021-26992 Unspecified vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability which could allow a remote attacker to cause a Denial of Service (DoS).
network
low complexity
netapp
7.5
2021-03-19 CVE-2021-26991 Unspecified vulnerability in Netapp Cloud Manager
Cloud Manager versions prior to 3.9.4 contain an insecure Cross-Origin Resource Sharing (CORS) policy which could allow a remote attacker to interact with Cloud Manager.
network
low complexity
netapp
7.5
2021-03-19 CVE-2020-25097 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in Squid through 4.13 and 5.x through 5.0.4.
network
low complexity
squid-cache debian fedoraproject netapp CWE-444
8.6
2021-03-18 CVE-2021-27358 The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
network
low complexity
grafana netapp
7.5
2021-03-17 CVE-2021-28660 Out-of-bounds Write vulnerability in multiple products
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array.
8.8
2021-03-15 CVE-2021-28375 Missing Authorization vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.6.
local
low complexity
linux fedoraproject netapp CWE-862
7.8
2021-03-11 CVE-2020-5025 Classic Buffer Overflow vulnerability in multiple products
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.
local
low complexity
ibm netapp CWE-120
7.8
2021-03-11 CVE-2020-5024 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response.
network
low complexity
ibm netapp
7.5