High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-30	CVE-2023-27533	Injection vulnerability in multiple products A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. network low complexity haxx fedoraproject netapp splunk CWE-74	8.8
2023-03-30	CVE-2023-27534	Path Traversal vulnerability in multiple products A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. network low complexity haxx fedoraproject netapp broadcom splunk CWE-22	8.8
2023-03-27	CVE-2023-1077	Type Confusion vulnerability in multiple products In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption. local high complexity linux debian netapp CWE-843	7.0
2023-03-27	CVE-2023-1380	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. local low complexity redhat linux netapp debian canonical CWE-125	7.1
2023-03-16	CVE-2023-28466	NULL Pointer Dereference vulnerability in multiple products do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). local high complexity linux netapp debian CWE-476	7.0
2023-03-02	CVE-2022-38734	Unspecified vulnerability in Netapp Storagegrid StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. network low complexity netapp	7.5
2023-02-26	CVE-2023-26607	Out-of-bounds Read vulnerability in multiple products In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. local low complexity linux netapp CWE-125	7.1
2023-02-17	CVE-2023-24329	Improper Input Validation vulnerability in multiple products An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. network low complexity python fedoraproject netapp CWE-20	7.5
2023-02-15	CVE-2023-0361	Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. network high complexity gnu redhat debian fedoraproject netapp CWE-203	7.4
2023-01-17	CVE-2022-41858	NULL Pointer Dereference vulnerability in multiple products A flaw was found in the Linux kernel. local low complexity linux netapp CWE-476	7.1