Vulnerabilities > Netapp > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-18 CVE-2023-22054 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject netapp
4.9
2023-07-18 CVE-2023-22056 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle fedoraproject netapp
4.9
2023-07-18 CVE-2023-22057 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication).
network
low complexity
oracle fedoraproject netapp
4.9
2023-07-18 CVE-2023-22058 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL).
network
high complexity
oracle fedoraproject netapp
4.4
2023-07-14 CVE-2023-2975 Improper Authentication vulnerability in multiple products
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries as these are ignored by the OpenSSL implementation.
network
low complexity
openssl netapp CWE-287
5.3
2023-06-30 CVE-2023-3338 NULL Pointer Dereference vulnerability in multiple products
A null pointer dereference flaw was found in the Linux kernel's DECnet networking protocol.
network
low complexity
linux netapp debian CWE-476
6.5
2023-06-23 CVE-2023-3212 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel.
4.4
2023-05-26 CVE-2023-27311 Path Traversal vulnerability in Netapp Blue XP Connector
NetApp Blue XP Connector versions prior to 3.9.25 expose information via a directory listing.
network
low complexity
netapp CWE-22
5.3
2023-05-26 CVE-2023-2898 NULL Pointer Dereference vulnerability in multiple products
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel.
local
high complexity
linux debian netapp CWE-476
4.7
2023-05-26 CVE-2023-28320 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time.
network
high complexity
haxx apple netapp CWE-400
5.9