Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-8372 Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/Content_Spoofing). This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue.
network
low complexity
angularjs netapp
4.3
2024-09-09 CVE-2024-8373 Improper sanitization of the value of the '[srcset]' attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/Content_Spoofing). This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue.
network
low complexity
angularjs netapp
4.3
2024-07-16 CVE-2024-21145 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).
network
high complexity
oracle netapp
4.8
2024-07-09 CVE-2024-21993 Unspecified vulnerability in Netapp Snapcenter
SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials.
network
low complexity
netapp
6.5
2024-06-14 CVE-2024-21988 Improper Verification of Cryptographic Signature vulnerability in Netapp Storagegrid
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation.
network
high complexity
netapp CWE-347
5.3
2024-02-29 CVE-2024-26462 Memory Leak vulnerability in multiple products
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/kdc/ndr.c.
local
low complexity
mit netapp CWE-401
5.5
2024-02-26 CVE-2022-34357 IBM Cognos Analytics Mobile Server 11.1.7, 11.2.4, and 12.0.0 is vulnerable to Denial of Service due to weak or absent rate limiting.
network
low complexity
netapp ibm
6.5
2024-02-26 CVE-2023-30996 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins.
network
low complexity
netapp ibm
5.3
2024-02-26 CVE-2023-32344 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to form action hijacking where it is possible to modify the form action to reference an arbitrary path.
network
low complexity
netapp ibm
4.3
2024-02-26 CVE-2023-38359 IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 is vulnerable to cross-site scripting.
network
low complexity
netapp ibm
6.1