Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp clustered data ontap - vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2017-12423
NetApp Clustered Data ONTAP 8.3.x prior to 8.3.2P12 allows remote authenticated users to read data on other Storage Virtual Machines (SVMs) via unspecified vectors.
Netapp Clustered Data Ontap 8.3.1
Netapp Clustered Data Ontap 8.3.2p11
Netapp Clustered Data Ontap 8.3.2
Netapp Clustered Data Ontap 8.3
7.6
CVSSv3
CVE-2024-21985
ONTAP 9 versions before 9.9.1P18, 9.10.1P16, 9.11.1P13, 9.12.1P10 and 9.13.1P4 are susceptible to a vulnerability which could allow an authenticated user with multiple remote accounts with differing roles to perform actions via REST API beyond their intended privilege. Possible a...
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap
Netapp Clustered Data Ontap 9.11.1
Netapp Clustered Data Ontap 9.12.1
Netapp Clustered Data Ontap 9.13.1
7.5
CVSSv3
CVE-2023-27314
ONTAP 9 versions before 9.8P19, 9.9.1P16, 9.10.1P12, 9.11.1P8, 9.12.1P2 and 9.13.1 are susceptible to a vulnerability which could allow a remote unauthenticated malicious user to cause a crash of the HTTP service.
Netapp Clustered Data Ontap 9.9.1
Netapp Clustered Data Ontap 9.8
Netapp Clustered Data Ontap 9.10.0
Netapp Clustered Data Ontap 9.10.1
Netapp Clustered Data Ontap 9.12.0
Netapp Clustered Data Ontap 9.13.0
Netapp Clustered Data Ontap
7.5
CVSSv3
CVE-2023-3107
A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an malicious user to trigger a kernel panic, resulting in a denial of service.
Freebsd Freebsd 12.4
Freebsd Freebsd 13.1
Freebsd Freebsd 13.2
Netapp Clustered Data Ontap 9.0
7.5
CVSSv3
CVE-2023-38403
iperf3 prior to 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.
Es Iperf3
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap 9.0
Apple Macos 14.0
Apple Macos
7.5
CVSSv3
CVE-2023-2953
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
Openldap Openldap 2.4
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Apple Macos
Netapp Clustered Data Ontap -
Netapp Active Iq Unified Manager -
Netapp Ontap Tools -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.5
CVSSv3
CVE-2023-28319
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the ...
Haxx Curl
Apple Macos
Netapp Clustered Data Ontap -
Netapp Ontap Antivirus Connector -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
1 Github repository
7.5
CVSSv3
CVE-2022-40303
An issue exists in libxml2 prior to 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation...
Xmlsoft Libxml2
Netapp Ontap Select Deploy Administration Utility -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp Netapp Manageability Sdk -
Apple Macos
Apple Watchos
Apple Tvos
Apple Ipados
Apple Iphone Os
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.5
CVSSv3
CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue...
Openssl Openssl
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Clustered Data Ontap -
Fedoraproject Fedora 26
Fedoraproject Fedora 27
Nodejs Node.js 19.0.0
Nodejs Node.js 18.12.0
Nodejs Node.js
30 Github repositories
1 Article
7.5
CVSSv3
CVE-2022-29404
In Apache HTTP Server 2.4.53 and previous versions, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size.
Apache Http Server
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Clustered Data Ontap -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hard-coded
CVE-2024-27202
NULL pointer dereference
CVE-2024-28075
CVE-2024-33608
CVE-2024-28889
CVE-2024-34572
template injection
CVE-2024-34351
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »