netapp

2,510 tracked vulnerabilities.

CVE-2024-52533 CRITICAL
GNOME GLib < 2.82.1 - Buffer Overflow in SOCKS4 Proxy Connection Message Handling
Nov 11, 2024
CVSS 9.8
EPSS 0.03
CVE-2024-21994 MEDIUM
StorageGRID < 11.9.0 - Authenticated Denial of Service
Nov 08, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-38286 HIGH
Apache Tomcat <11.0.0-M21 - Allocation of Resources Without Limits ...
Nov 07, 2024
CVSS 8.6
EPSS 0.00
CVE-2024-49761 HIGH
REXML < 3.3.9 - Inefficient Regular Expression Complexity in Hex Numeric Character Reference Parsing
Oct 28, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-50602 MEDIUM
Netapp Active IQ Unified Manager < 2.6.4 - Improper Condition Check
Oct 27, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-21262 MEDIUM
MySQL Connectors <= 9.0.0 - Unauthenticated Incorrect Authorization
Oct 15, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-21211 LOW
Oracle Java SE <23 - Compiler Vuln
Oct 15, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-9823 MEDIUM
Eclipse Jetty 9.0.0-9.4.53 and 12.0.0-12.0.2 - Unauthenticated Denial of Service via DosFilter Memory Exhaustion
Oct 14, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-47814 LOW
Vim < 9.1.0764 - Use-After-Free via BufWinLeave Auto Command
Oct 07, 2024
CVSS 3.9
EPSS 0.00
CVE-2024-47554 MEDIUM
Apache Commons IO 2.0-2.13.0 - Uncontrolled Resource Consumption via XmlStreamReader
Oct 03, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-47561 HIGH
Apache Avro < 1.11.4 - Remote Code Execution via Schema Parsing
Oct 03, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-7254 HIGH
Google Protobuf < 3.25.5 - Uncontrolled Recursion via Nested Groups
Sep 19, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-8096 MEDIUM
curl 7.41.0-8.10.0 - Improper Certificate Validation via OCSP Stapling
Sep 11, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-8373 MEDIUM
AngularJS - Content Spoofing via Improper Sanitization of srcset Attribute
Sep 09, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-8372 MEDIUM
AngularJS >=1.3.0-rc.4 - Content Spoofing
Sep 09, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-6119 HIGH
OpenSSL 3.0.0-3.0.14, 3.2.0-3.2.2, 3.3.0-3.3.1 - Denial of Service via Invalid Memory Access in Certificate Name Check
Sep 03, 2024
CVSS 7.5
EPSS 0.15
CVE-2024-43790 MEDIUM
Vim 9.1.0425-9.1.0689 - Heap-based Buffer Overflow via Search Pattern with ASCII NUL Characters
Aug 22, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-43398 MEDIUM
REXML < 3.3.6 - Denial of Service via Deep XML Element Parsing
Aug 22, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-38808 MEDIUM
Spring Framework 5.3.0-5.3.38 - Denial of Service via SpEL Expression Parsing
Aug 20, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-43374 MEDIUM
Netapp Bootstrap OS < 9.1.0678 - Use After Free
Aug 16, 2024
CVSS 4.5
EPSS 0.00
CVE-2024-21147 HIGH
Netapp Active IQ Unified Manager - Information Disclosure
Jul 16, 2024
CVSS 7.4
EPSS 0.01
CVE-2024-21145 MEDIUM
Oracle GraalVM 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1 - Improper Access Control in 2D Component
Jul 16, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-21144 LOW
Oracle Java SE 8u411, 11.0.23 & GraalVM EE 20.3.14, 21.3.10 - Partial DoS in Concurrency
Jul 16, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-21140 MEDIUM
Netapp Bluexp - Information Disclosure
Jul 16, 2024
CVSS 4.8
EPSS 0.01
CVE-2024-21138 LOW
Netapp Active IQ Unified Manager - Denial of Service
Jul 16, 2024
CVSS 3.7
EPSS 0.00
Products
oncommand_insight 971 active_iq_unified_manager 848 oncommand_workflow_automation 743 snapcenter 575 cloud_backup 345 h700s_firmware 289 h300s_firmware 288 h410s_firmware 288 h500s_firmware 288 e-series_santricity_os_controller 242 h410c_firmware 236 steelstore_cloud_integrated_storage 211 solidfire 192 clustered_data_ontap 187 hci_management_node 182 snapmanager 180 ontap_select_deploy_administration_utility 179 oncommand_unified_manager 169 h700e_firmware 149 h300e_firmware 148 h500e_firmware 148 e-series_santricity_storage_manager 140 storage_automation_store 113 solidfire_\&_hci_management_node 103 element_software 100 e-series_santricity_web_services 99 oncommand_balance 83 santricity_unified_manager 77 7-mode_transition_tool 75 oncommand_performance_manager 73
Quick Filters
Critical CVEs With Exploits In CISA KEV