Vulnerabilities > Netapp > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2016-20012 | OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. | 5.3 |
| 2021-09-09 | CVE-2020-19144 | Out-of-bounds Write vulnerability in multiple products Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'. | 6.5 |
| 2021-08-31 | CVE-2021-3634 | Out-of-bounds Write vulnerability in multiple products A flaw has been found in libssh in versions prior to 0.9.6. | 6.5 |
| 2021-08-23 | CVE-2021-39140 | Infinite Loop vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 6.3 |
| 2021-08-16 | CVE-2021-22939 | Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. | 5.3 |
| 2021-08-08 | CVE-2021-38199 | fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. | 6.5 |
| 2021-08-08 | CVE-2021-38203 | Improper Locking vulnerability in multiple products btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. | 5.5 |
| 2021-08-06 | CVE-2021-26998 | Information Exposure Through Log Files vulnerability in Netapp Cloud Manager NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. | 4.3 |
| 2021-08-06 | CVE-2021-26999 | Information Exposure Through Log Files vulnerability in Netapp Cloud Manager NetApp Cloud Manager versions prior to 3.9.9 log sensitive information when an Active Directory connection fails. | 4.3 |
| 2021-08-05 | CVE-2021-22922 | Improper Handling of Exceptional Conditions vulnerability in multiple products When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. | 6.5 |