netapp

2,510 tracked vulnerabilities.

CVE-2022-29526 MEDIUM
GO < 1.17.10 - Improper Privilege Management
Jun 23, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-2068 HIGH
OpenSSL 1.0.2-1.0.2ze, 1.1.1-1.1.1o, 3.0.0-3.0.3 - OS Command Injection via c_rehash Script
Jun 21, 2022
CVSS 7.3
EPSS 0.20
CVE-2022-29244 HIGH
npm <7.9.0-7.13.0 - Info Disclosure
Jun 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-31813 CRITICAL
Apache HTTP Server < 2.4.54 - Insufficient Verification of Data Authenticity via X-Forwarded-* Headers
Jun 09, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-30556 HIGH
Apache HTTP Server < 2.4.54 - Exposure of Sensitive Information via Buffer Length Mismanagement
Jun 09, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-30522 HIGH
Apache HTTP Server 2.4.53 - Denial of Service via mod_sed Large Input Transformation
Jun 09, 2022
CVSS 7.5
EPSS 0.10
CVE-2022-29404 HIGH
Apache HTTP Server < 2.4.53 - Denial of Service via Lua Script r:parsebody(0)
Jun 09, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-28615 CRITICAL
Apache HTTP Server <2.4.53 - Info Disclosure
Jun 09, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-28614 MEDIUM
Apache HTTP Server <2.4.53 - Memory Corruption
Jun 09, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-26377 HIGH
Apache HTTP Server 2.4.0-2.4.53 - HTTP Request Smuggling via mod_proxy_ajp
Jun 09, 2022
CVSS 7.5
EPSS 0.39
CVE-2022-1998 HIGH
Linux Kernel 5.10.46-5.10.97 - Use-After-Free in File System Notify
Jun 09, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-32250 HIGH
Linux Kernel 4.1-5.18.1 - Use-After-Free in nf_tables_api.c
Jun 02, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-30115 MEDIUM
curl 7.82.0-7.83.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
Jun 02, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-27781 HIGH
curl < 7.83.1 - Denial of Service via Malicious Server Certificate Chain
Jun 02, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27780 HIGH
curl 7.80.0-7.83.0 - URL Hostname Spoofing via Percent-Encoded Separator Bypass
Jun 02, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27779 MEDIUM
curl 7.82.0-7.83.0 - Cookie Injection for Top-Level Domains via Trailing Dot Bypass
Jun 02, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-27778 HIGH
cURL - Use of Incorrectly Resolved Name
Jun 02, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-27776 MEDIUM
curl < 7.83.0 - Credential Leak via HTTP Redirect to Different Port
Jun 02, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27775 HIGH
curl 7.65.0-7.82.0 - Information Disclosure via IPv6 Connection Reuse
Jun 02, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-27774 MEDIUM
curl 4.9-7.82.0 - Credential Leak via HTTP Redirect
Jun 02, 2022
CVSS 5.7
EPSS 0.00
CVE-2022-23237 MEDIUM
E-Series SANtricity OS Controller 11.0.0-11.70.2 - Open Redirect via Host Header Injection
Jun 02, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-23236 MEDIUM
NetApp E-Series SANtricity OS Controller 11.40-11.70.2 - Cleartext Storage of LDAP BIND Password
Jun 02, 2022
CVSS 4.4
EPSS 0.00
CVE-2022-1786 HIGH
Linux Kernel 5.10-5.11 - Use-After-Free in io_uring IORING_SETUP_IOPOLL
Jun 02, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-1652 HIGH
Linux Kernel 2.6.12-4.9.315 - Use-After-Free in bad_flp_intr Function
Jun 02, 2022
CVSS 7.8
EPSS 0.01
CVE-2022-22576 HIGH
curl 7.33.0-7.82.0 - Improper Authentication via OAUTH2 Connection Reuse
May 26, 2022
CVSS 8.1
EPSS 0.00
Products
oncommand_insight 971 active_iq_unified_manager 848 oncommand_workflow_automation 743 snapcenter 575 cloud_backup 345 h700s_firmware 289 h300s_firmware 288 h410s_firmware 288 h500s_firmware 288 e-series_santricity_os_controller 242 h410c_firmware 236 steelstore_cloud_integrated_storage 211 solidfire 192 clustered_data_ontap 187 hci_management_node 182 snapmanager 180 ontap_select_deploy_administration_utility 179 oncommand_unified_manager 169 h700e_firmware 149 h300e_firmware 148 h500e_firmware 148 e-series_santricity_storage_manager 140 storage_automation_store 113 solidfire_\&_hci_management_node 103 element_software 100 e-series_santricity_web_services 99 oncommand_balance 83 santricity_unified_manager 77 7-mode_transition_tool 75 oncommand_performance_manager 73
Quick Filters
Critical CVEs With Exploits In CISA KEV