Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-28 CVE-2022-23240 Unspecified vulnerability in Netapp Active IQ Unified Manager
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
network
low complexity
netapp
6.5
2023-02-25 CVE-2023-26545 Double Free vulnerability in multiple products
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
local
high complexity
linux netapp CWE-415
4.7
2023-02-23 CVE-2023-23915 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel.
network
low complexity
haxx netapp splunk CWE-319
6.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
2023-02-03 CVE-2023-25136 Double Free vulnerability in multiple products
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.
network
high complexity
openbsd fedoraproject netapp CWE-415
6.5
2022-12-05 CVE-2022-35260 Out-of-bounds Write vulnerability in multiple products
curl can be told to parse a `.netrc` file for credentials.
network
low complexity
haxx netapp apple splunk CWE-787
6.5
2022-11-25 CVE-2022-45887 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
local
high complexity
linux netapp CWE-772
4.7
2022-11-25 CVE-2022-45888 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
high complexity
linux netapp CWE-416
6.4
2022-11-07 CVE-2022-44792 NULL Pointer Dereference vulnerability in multiple products
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
network
low complexity
net-snmp debian netapp CWE-476
6.5
2022-11-07 CVE-2022-44793 NULL Pointer Dereference vulnerability in multiple products
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
network
low complexity
net-snmp debian netapp CWE-476
6.5