Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-09	CVE-2021-0127	Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access. local low complexity netapp intel	5.5
2022-02-09	CVE-2021-0145	Improper Initialization vulnerability in multiple products Improper initialization of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity netapp intel CWE-665	5.5
2022-02-09	CVE-2021-33068	NULL Pointer Dereference vulnerability in multiple products Null pointer dereference in subsystem for Intel(R) AMT before versions 15.0.35 may allow an authenticated user to potentially enable denial of service via network access. network low complexity intel netapp CWE-476	6.5
2022-02-08	CVE-2022-21713	Authorization Bypass Through User-Controlled Key vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp fedoraproject CWE-639	4.3
2022-02-08	CVE-2022-21702	Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp fedoraproject CWE-79	5.4
2022-01-26	CVE-2021-22570	NULL Pointer Dereference vulnerability in multiple products Nullptr dereference when a null char is present in a proto symbol. local low complexity google debian fedoraproject oracle netapp CWE-476	5.5
2022-01-24	CVE-2022-23437	Infinite Loop vulnerability in multiple products There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. network low complexity apache oracle netapp CWE-835	6.5
2022-01-10	CVE-2022-22844	Out-of-bounds Read vulnerability in multiple products LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field. local low complexity libtiff debian netapp CWE-125	5.5
2021-12-23	CVE-2021-27006	Unspecified vulnerability in Netapp Storagegrid StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a vulnerability which may allow an administrative user to escalate their privileges and modify settings in SANtricity System Manager. local low complexity netapp	4.4
2021-12-18	CVE-2021-45105	Uncontrolled Recursion vulnerability in multiple products Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. network high complexity apache netapp debian sonicwall oracle CWE-674	5.9