Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp storagegrid - vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-12099
Grafana prior to 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
Grafana Grafana
Netapp Active Iq Performance Analytics Services -
Netapp Storagegrid Webscale Nas Bridge -
7.5
CVSSv3
CVE-2022-23773
cmd/go in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags.
Golang Go
Netapp Beegfs Csi Driver -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Storagegrid -
1 Github repository
5.9
CVSSv3
CVE-2018-1302
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurati...
Apache Http Server
Canonical Ubuntu Linux 18.04
Netapp Clustered Data Ontap -
Netapp Santricity Cloud Connector -
Netapp Storage Automation Store -
Netapp Storagegrid -
7.5
CVSSv3
CVE-2022-23772
Rat.SetString in math/big in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption.
Golang Go
Netapp Beegfs Csi Driver -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Storagegrid -
Debian Debian Linux 9.0
1 Github repository
9.1
CVSSv3
CVE-2022-23806
Curve.IsOnCurve in crypto/elliptic in Go prior to 1.16.14 and 1.17.x prior to 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.
Golang Go
Netapp Beegfs Csi Driver -
Netapp Cloud Insights Telegraf Agent -
Netapp Kubernetes Monitoring Operator -
Netapp Storagegrid -
Debian Debian Linux 9.0
3 Github repositories
5.3
CVSSv3
CVE-2024-21988
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.7.0.9 and 11.8.0.5 are susceptible to disclosure of sensitive information via complex MiTM attacks due to a vulnerability in the SSH cryptographic implementation.
Netapp Storagegrid
6.5
CVSSv3
CVE-2024-21983
StorageGRID (formerly StorageGRID Webscale) versions before 11.8 are susceptible to a Denial of Service (DoS) vulnerability. Successful exploit by an authenticated attacker could lead to an out of memory condition or node reboot.
Netapp Storagegrid
6.9
CVSSv3
CVE-2024-21984
StorageGRID (formerly StorageGRID Webscale) versions before 11.8 are susceptible to a difficult to exploit Reflected Cross-Site Scripting (XSS) vulnerability. Successful exploit requires the malicious user to know specific information about the target instance and trick a privile...
Netapp Storagegrid
8.3
CVSSv3
CVE-2020-14664
Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful at...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Netapp 7-mode Transition Tool -
Netapp Active Iq Unified Manager
Netapp Cloud Backup -
Netapp Cloud Secure Agent -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Os Controller
Netapp E-series Santricity Web Services -
Netapp Oncommand Insight -
Netapp Oncommand Workflow Automation -
Netapp Santricity Unified Manager -
6.5
CVSSv3
CVE-2021-34558
The crypto/tls package of Go up to and including 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client to panic.
Golang Go
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Insights Telegraf -
Netapp Storagegrid -
Netapp Trident -
Oracle Timesten In-memory Database
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-0001
CVE-2025-1378
CVE-2025-24200
waymark
imagemeta
inject
nuuo
firewall
CVE-2025-1094
CVE-2025-1372
hard-coded
CVE-2025-1368
libarchive
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »