NetApp Security Vulnerabilities (CVEs)

Track 366 security vulnerabilities affecting NetApp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

67 Critical
275 High
22 Medium
2 Low
CVE-2021-32675 7.5

CVE-2021-32675 is a memory allocation vulnerability in Redis where specially crafted RESP protocol requests can cause excessive memory consumption, po...

Oct 4, 2021
CVE-2021-38300 7.8

This vulnerability in the Linux kernel's MIPS BPF JIT compiler allows unprivileged users to execute arbitrary code with kernel privileges. It affects ...

Sep 20, 2021
CVE-2021-41073 7.8

This is a local privilege escalation vulnerability in the Linux kernel's io_uring subsystem. It allows local users to trigger a use-after-free conditi...

Sep 19, 2021
CVE-2021-36160 7.5

CVE-2021-36160 is an out-of-bounds read vulnerability in Apache HTTP Server's mod_proxy_uwsgi module. A specially crafted URI path can cause the serve...

Sep 16, 2021
CVE-2021-39275 9.8

CVE-2021-39275 is a critical buffer overflow vulnerability in Apache HTTP Server's ap_escape_quotes() function that could allow remote code execution ...

Sep 16, 2021
CVE-2021-41079 7.5

This vulnerability in Apache Tomcat allows denial of service attacks when using specific TLS configurations. Attackers can send specially crafted TLS ...

Sep 16, 2021
CVE-2021-3778 7.8

CVE-2021-3778 is a heap-based buffer overflow vulnerability in Vim text editor that could allow attackers to execute arbitrary code or cause denial of...

Sep 15, 2021
CVE-2021-3770 7.8

CVE-2021-3770 is a heap-based buffer overflow vulnerability in Vim text editor that allows attackers to execute arbitrary code by tricking users into ...

Sep 6, 2021
CVE-2021-40490 7.0

A race condition vulnerability in the ext4 filesystem's inline data handling in Linux kernel versions up to 5.13.13 allows local attackers to corrupt ...

Sep 3, 2021
CVE-2021-3712 7.4

This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination...

Aug 24, 2021
CVE-2021-39150 8.5

CVE-2021-39150 is a deserialization vulnerability in XStream library that allows remote attackers to access internal resources by manipulating XML inp...

Aug 23, 2021
CVE-2021-39154 8.5

CVE-2021-39154 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input s...

Aug 23, 2021
CVE-2021-39144 8.5

CVE-2021-39144 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers with sufficient privileges can execute ar...

Aug 23, 2021
CVE-2021-39146 8.5

CVE-2021-39146 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input s...

Aug 23, 2021
CVE-2021-39148 8.5

CVE-2021-39148 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input s...

Aug 23, 2021
CVE-2021-39151 8.5

CVE-2021-39151 is a remote code execution vulnerability in XStream library versions before 1.4.18. Attackers can manipulate XML input to execute arbit...

Aug 23, 2021
CVE-2021-39139 8.5

CVE-2021-39139 is a remote code execution vulnerability in XStream library that allows attackers to execute arbitrary code by manipulating XML input s...

Aug 23, 2021
CVE-2021-22931 9.8

Node.js DNS library vulnerability allows remote code execution, XSS, and application crashes due to improper validation of DNS responses. Attackers ca...

Aug 16, 2021
CVE-2021-22940 7.5

CVE-2021-22940 is a use-after-free vulnerability in Node.js that allows memory corruption attacks. An attacker could exploit this to potentially execu...

Aug 16, 2021
CVE-2021-38201 7.5

This vulnerability in the Linux kernel's NFS client implementation allows remote attackers to cause a denial of service through slab-out-of-bounds mem...

Aug 8, 2021
CVE-2021-38160 7.8

This vulnerability in the Linux kernel's virtio_console driver allows an untrusted virtual device to supply a buffer length value exceeding the actual...

Aug 7, 2021
CVE-2021-3580 7.5

CVE-2021-3580 is a vulnerability in nettle's RSA decryption functions where specially crafted ciphertext can cause application crashes and denial of s...

Aug 5, 2021
CVE-2021-22926 7.5

This vulnerability allows attackers to trick libcurl applications into using a malicious client certificate instead of the intended one when running i...

Aug 5, 2021
CVE-2021-35942 9.1

This vulnerability in glibc's wordexp function allows attackers to cause denial of service or potentially read arbitrary memory when processing malici...

Jul 22, 2021
CVE-2021-35515 7.5

CVE-2021-35515 is a denial-of-service vulnerability in Apache Commons Compress's 7Z archive handling. When processing a specially crafted 7Z file, the...

Jul 13, 2021
CVE-2021-35517 7.5

CVE-2021-35517 is a denial-of-service vulnerability in Apache Commons Compress where specially crafted TAR archives can trigger excessive memory alloc...

Jul 13, 2021
CVE-2021-3612 7.8

A local privilege escalation vulnerability in Linux kernel versions before 5.9-rc1 allows attackers with local access to crash systems or gain root pr...

Jul 9, 2021
CVE-2021-22555 8.3

This vulnerability allows an attacker to perform heap out-of-bounds writes in the Linux kernel's netfilter subsystem, specifically in x_tables.c. Atta...

Jul 7, 2021
CVE-2021-28691 7.8

CVE-2021-28691 allows a malicious or buggy Xen paravirtualized network frontend to trigger a use-after-free condition in Linux xen-...

Jun 29, 2021
CVE-2021-22901 8.1

CVE-2021-22901 is a use-after-free vulnerability in curl/libcurl that allows a malicious TLS 1.3 server to potentially execute arbitrary code on the c...

Jun 11, 2021
CVE-2021-26995 8.8

This vulnerability allows privileged attackers to execute arbitrary code on NetApp E-Series SANtricity OS Controller Software. Affected systems are th...

Jun 11, 2021
CVE-2021-26691 9.8

CVE-2021-26691 is a critical heap overflow vulnerability in Apache HTTP Server that allows remote attackers to execute arbitrary code or cause denial ...

Jun 10, 2021
CVE-2020-12360 7.8

This vulnerability is an out-of-bounds read in Intel processor firmware that allows authenticated local users to potentially escalate privileges. It a...

Jun 9, 2021
CVE-2020-36387 7.8

This is a use-after-free vulnerability in the Linux kernel's io_uring subsystem that allows local attackers to potentially escalate privileges or cras...

Jun 7, 2021
CVE-2018-25015 7.8

This CVE describes a use-after-free vulnerability in the Linux kernel's SCTP (Stream Control Transmission Protocol) implementation. Attackers can pote...

Jun 7, 2021
CVE-2020-36385 7.8

This CVE describes a use-after-free vulnerability in the Linux kernel's InfiniBand subsystem (ucma.c). Attackers with local access can exploit this to...

Jun 7, 2021
CVE-2020-7469 7.5

This is a use-after-free vulnerability in FreeBSD's ICMPv6 network stack that allows attackers to potentially execute arbitrary code or cause denial o...

Jun 4, 2021
CVE-2021-3530 7.5

CVE-2021-3530 is a stack exhaustion vulnerability in GNU libiberty's rust-demangle.c that allows crafted symbols to cause denial of service through ap...

Jun 2, 2021
CVE-2021-26707 9.8

CVE-2021-26707 is a prototype pollution vulnerability in the merge-deep Node.js library that allows attackers to modify Object.prototype properties. T...

Jun 2, 2021
CVE-2021-3520 9.8

CVE-2021-3520 is an integer overflow vulnerability in the LZ4 compression library that allows attackers to trigger out-of-bounds writes by submitting ...

Jun 2, 2021
CVE-2020-14326 7.5

CVE-2020-14326 is a denial-of-service vulnerability in RESTEasy's RootNode caching mechanism that allows attackers to cause hash flooding, resulting i...

Jun 2, 2021
CVE-2020-10771 7.1

CVE-2020-10771 is a CSRF vulnerability in Infinispan 10 that allows attackers to perform unauthorized actions via GET requests. This affects systems r...

Jun 2, 2021
CVE-2021-3516 7.8

CVE-2021-3516 is a use-after-free vulnerability in libxml2's xmllint tool that allows attackers to execute arbitrary code or cause denial of service b...

Jun 1, 2021
CVE-2019-4723 7.5

IBM Cognos Analytics 11.0 and 11.1 have a vulnerability where the New Data Server Connection page incorrectly enables autocomplete for credential fiel...

Jun 1, 2021
CVE-2019-4730 7.1

IBM Cognos Analytics 11.0 and 11.1 contain an XML External Entity (XXE) vulnerability that allows remote attackers to read arbitrary files from the s...

Jun 1, 2021
CVE-2020-4300 8.2

CVE-2020-4300 is an XML External Entity (XXE) vulnerability in IBM Cognos Analytics that allows remote attackers to read arbitrary files from the serv...

Jun 1, 2021
CVE-2020-4520 8.8

This vulnerability allows remote attackers to inject malicious HTML code into IBM Cognos Analytics. When authenticated users view the compromised cont...

Jun 1, 2021
CVE-2020-4561 10.0

This vulnerability allows unauthenticated remote attackers to read and write files on IBM Cognos Analytics systems by exploiting the DQM API. It affec...

Jun 1, 2021
CVE-2021-33623 7.5

This vulnerability in the trim-newlines Node.js package allows attackers to cause a denial-of-service (DoS) condition through a regular expression den...

May 28, 2021
CVE-2021-22118 7.8

This vulnerability allows a locally authenticated malicious user to escalate privileges in Spring Framework WebFlux applications by manipulating tempo...

May 27, 2021

Why Monitor NetApp Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 366+ known vulnerabilities affecting NetApp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable NetApp packages in under 60 seconds. No agents are required: scanning is completely agentless and works across NetApp deployments.

Free vulnerability database: Access detailed information about every NetApp CVE, including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new NetApp CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions