Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Netapp Subscribe
Total 2037 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1587 4 Fedoraproject, Netapp, Pcre and 1 more 17 Fedora, Active Iq Unified Manager, H300s and 14 more 2023-03-15 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
CVE-2022-1586 4 Fedoraproject, Netapp, Pcre and 1 more 17 Fedora, Active Iq Unified Manager, H300s and 14 more 2023-03-15 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
CVE-2022-38023 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-03-10 N/A 8.1 HIGH
Netlogon RPC Elevation of Privilege Vulnerability
CVE-2022-37967 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-03-10 N/A 7.2 HIGH
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2022-37966 3 Fedoraproject, Microsoft, Netapp 8 Fedora, Windows Server 2008, Windows Server 2012 and 5 more 2023-03-10 N/A 8.1 HIGH
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability
CVE-2022-23239 1 Netapp 1 Active Iq Unified Manager 2023-03-10 N/A 4.8 MEDIUM
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.
CVE-2022-23240 1 Netapp 1 Active Iq Unified Manager 2023-03-10 N/A 6.5 MEDIUM
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
CVE-2022-38734 1 Netapp 1 Storagegrid 2023-03-09 N/A 7.5 HIGH
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.
CVE-2022-43945 2 Linux, Netapp 12 Linux Kernel, Active Iq Unified Manager, H300s and 9 more 2023-03-08 N/A 7.5 HIGH
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2019-15098 5 Canonical, Debian, Linux and 2 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.
CVE-2019-15212 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
CVE-2019-13990 4 Apache, Netapp, Oracle and 1 more 30 Tomee, Active Iq Unified Manager, Cloud Secure Agent and 27 more 2023-03-03 7.5 HIGH 9.8 CRITICAL
initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.
CVE-2022-3545 3 Debian, Linux, Netapp 12 Debian Linux, Linux Kernel, H300s and 9 more 2023-03-03 N/A 7.8 HIGH
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.
CVE-2019-15217 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
CVE-2019-15218 6 Canonical, Debian, Linux and 3 more 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
CVE-2019-15219 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
CVE-2019-15220 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15221 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
CVE-2019-15222 3 Linux, Netapp, Opensuse 8 Linux Kernel, Active Iq Unified Manager, Baseboard Management Controller H410c and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2019-15223 3 Canonical, Linux, Netapp 8 Ubuntu Linux, Linux Kernel, Active Iq Unified Manager and 5 more 2023-03-03 4.9 MEDIUM 4.6 MEDIUM
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.