Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2023-05-08 CVE-2023-32233 Use After Free vulnerability in multiple products
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory.
local
low complexity
linux redhat netapp CWE-416
7.8
2023-05-01 CVE-2023-2236 Use After Free vulnerability in multiple products
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.
local
low complexity
linux netapp CWE-416
7.8
2023-04-25 CVE-2023-0045 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall.
network
low complexity
linux debian netapp CWE-610
7.5
2023-04-25 CVE-2023-29552 The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. 7.5
2023-04-24 CVE-2023-2007 Improper Locking vulnerability in multiple products
The specific flaw exists within the DPT I2O Controller driver.
local
low complexity
linux debian netapp CWE-667
7.8
2023-04-24 CVE-2023-2006 Race Condition vulnerability in multiple products
A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles.
local
high complexity
linux netapp CWE-362
7.0
2023-04-18 CVE-2023-21930 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).
network
high complexity
oracle netapp debian
7.4
2023-04-11 CVE-2023-1989 Use After Free vulnerability in multiple products
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel.
local
high complexity
linux netapp debian CWE-416
7.0
2023-04-05 CVE-2023-1838 Use After Free vulnerability in multiple products
A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget.
local
low complexity
linux netapp CWE-416
7.1
2023-03-31 CVE-2023-28464 Double Free vulnerability in multiple products
hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put.
local
low complexity
linux netapp CWE-415
7.8