Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-28 CVE-2022-23240 Unspecified vulnerability in Netapp Active IQ Unified Manager
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
network
low complexity
netapp
6.5
2023-02-25 CVE-2023-26545 Double Free vulnerability in multiple products
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
local
high complexity
linux netapp CWE-415
4.7
2023-02-23 CVE-2023-23915 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel.
network
low complexity
haxx netapp splunk CWE-319
6.5
2023-02-23 CVE-2023-23916 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms.
network
low complexity
haxx fedoraproject debian netapp splunk CWE-770
6.5
2023-02-03 CVE-2023-25136 Double Free vulnerability in multiple products
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.
network
high complexity
openbsd fedoraproject netapp CWE-415
6.5
2022-12-05 CVE-2022-35260 Out-of-bounds Write vulnerability in multiple products
curl can be told to parse a `.netrc` file for credentials.
network
low complexity
haxx netapp apple splunk CWE-787
6.5
2022-11-25 CVE-2022-45887 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
local
high complexity
linux netapp CWE-772
4.7
2022-11-25 CVE-2022-45888 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel through 6.0.9.
high complexity
linux netapp CWE-416
6.4
2022-10-21 CVE-2022-3597 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-787
6.5
2022-10-21 CVE-2022-3599 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file.
network
low complexity
libtiff netapp debian CWE-125
6.5