NetApp Security Vulnerabilities (CVEs)

Track 366 security vulnerabilities affecting NetApp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

67 Critical
275 High
22 Medium
2 Low
CVE-2021-33200 7.8

This vulnerability in the Linux kernel's BPF verifier allows incorrect pointer arithmetic limits, enabling out-of-bounds memory access. Attackers can ...

May 27, 2021
CVE-2021-25217 7.4

A memory corruption vulnerability in ISC DHCP allows attackers to cause denial of service by crashing dhclient or dhcpd processes when they parse mali...

May 26, 2021
CVE-2020-25669 7.8

This CVE describes a use-after-free vulnerability in the Linux kernel's Sun keyboard driver (sunkbd). An attacker with local access can potentially ex...

May 26, 2021
CVE-2020-25670 7.8

This CVE describes a use-after-free vulnerability in the Linux kernel's NFC LLCP (Logical Link Control Protocol) implementation. An attacker could exp...

May 26, 2021
CVE-2021-22543 7.8

CVE-2021-22543 is a vulnerability in Linux KVM that allows attackers with VM control privileges to bypass read-only memory checks, potentially leading to m...

May 26, 2021
CVE-2021-33574 9.8

This CVE describes a use-after-free vulnerability in the GNU C Library (glibc) mq_notify function affecting versions 2.32 and 2.33. Attackers could ex...

May 25, 2021
CVE-2020-25672 7.5

CVE-2020-25672 is a memory leak vulnerability in the Linux kernel's llcp_sock_connect function. This vulnerability allows attackers to cause denial of...

May 25, 2021
CVE-2020-36329 9.8

CVE-2020-36329 is a use-after-free vulnerability in libwebp that allows attackers to execute arbitrary code or cause denial of service. This affects a...

May 21, 2021
CVE-2020-36330 9.1

CVE-2020-36330 is an out-of-bounds read vulnerability in libwebp versions before 1.0.1, allowing attackers to read sensitive memory data or cause deni...

May 21, 2021
CVE-2020-36332 7.5

CVE-2020-36332 is a memory exhaustion vulnerability in libwebp library versions before 1.0.1. When processing specially crafted WebP images, libwebp a...

May 21, 2021
CVE-2021-3518 8.8

A use-after-free vulnerability in libxml2 versions before 2.9.11 allows attackers to submit crafted XML files to applications using this library, pote...

May 18, 2021
CVE-2021-32399 7.0

A race condition in the Linux kernel's Bluetooth HCI controller removal allows local attackers to cause a use-after-free condition. This can lead to s...

May 10, 2021
CVE-2021-3501 7.1

This vulnerability in the Linux kernel's KVM API allows a user process to trigger an out-of-bounds write by manipulating the internal.ndata value. It ...

May 6, 2021
CVE-2021-29489 7.6

CVE-2021-29489 is a cross-site scripting (XSS) vulnerability in Highcharts JS versions 8 and earlier. It allows attackers to inject malicious scripts ...

May 5, 2021
CVE-2021-25215 7.5

This vulnerability in BIND DNS servers allows remote attackers to cause denial of service by sending specially crafted DNS queries that trigger an ass...

Apr 29, 2021
CVE-2021-29154 7.8

This vulnerability in Linux kernel BPF JIT compilers allows attackers to execute arbitrary code within kernel context due to incorrect branch displace...

Apr 8, 2021
CVE-2021-20305 8.1

This vulnerability in the Nettle cryptographic library allows attackers to forge digital signatures by exploiting incorrect elliptic curve multiplication ...

Apr 5, 2021
CVE-2021-28165 7.5

This vulnerability in Eclipse Jetty allows denial-of-service attacks by causing 100% CPU usage when processing large invalid TLS frames. Attackers can...

Apr 1, 2021
CVE-2021-3450 7.4

This OpenSSL vulnerability allows certificate chain validation to be bypassed when the X509_V_FLAG_X509_STRICT flag is explicitly set. It affects appl...

Mar 25, 2021
CVE-2019-19343 7.5

CVE-2019-19343 is a memory leak vulnerability in Undertow's HttpOpenListener when using Remoting in Red Hat JBoss EAP. This flaw allows attackers to c...

Mar 23, 2021
CVE-2021-21341 7.5

CVE-2021-21341 is a denial-of-service vulnerability in XStream library where specially crafted XML input can cause 100% CPU consumption on target syst...

Mar 23, 2021
CVE-2021-27358 7.5

This vulnerability in Grafana's snapshot feature allows unauthenticated remote attackers to trigger a Denial of Service via API calls when a commonly ...

Mar 18, 2021
CVE-2021-28660 8.8

This is a buffer overflow vulnerability in the rtl8188eu Wi-Fi driver staging code in Linux kernels up to 5.11.6. It allows writing beyond the end of ...

Mar 17, 2021
CVE-2021-26987 9.8

This vulnerability allows remote code execution on systems running vulnerable versions of the Element Plug-in for vCenter Server. Attackers can exploi...

Mar 15, 2021
CVE-2021-28375 7.8

This vulnerability in the Linux kernel allows user applications to send kernel RPC messages through the fastrpc driver, bypassing intended access cont...

Mar 15, 2021
CVE-2021-20231 9.8

CVE-2021-20231 is a critical use-after-free vulnerability in GnuTLS that occurs when a client sends a key_share extension, potentially leading to...

Mar 12, 2021
CVE-2020-5024 7.5

This vulnerability allows an unauthenticated attacker to cause a denial of service by triggering a hang during SSL handshake responses in IBM DB2. Aff...

Mar 11, 2021
CVE-2020-35523 7.8

An integer overflow vulnerability in libtiff's tif_getimage.c allows attackers to execute arbitrary code when a user opens a malicious TIFF file. This...

Mar 9, 2021
CVE-2021-27364 7.1

CVE-2021-27364 is a Linux kernel vulnerability in the iSCSI subsystem that allows unprivileged local users to cause a denial of service or potentially...

Mar 7, 2021
CVE-2021-28041 7.1

This CVE describes a double-free vulnerability in the ssh-agent component of OpenSSH versions before 8.5. It could allow attackers to potentially execute ...

Mar 5, 2021
CVE-2021-22883 7.5

Node.js servers are vulnerable to denial of service attacks when attackers establish numerous connections with unknown protocols, causing file descrip...

Mar 3, 2021
CVE-2021-20233 8.2

This GRUB2 vulnerability allows attackers to corrupt memory by one byte for each quote in menu input due to an incorrect length calculation. It affect...

Mar 3, 2021
CVE-2020-25632 8.2

CVE-2020-25632 is a vulnerability in GRUB2 that allows attackers to unload kernel modules that other modules depend on, creating a use-after-free condition...

Mar 3, 2021
CVE-2020-27779 7.5

This vulnerability in GRUB2 allows privileged attackers to bypass Secure Boot protections by using the cutmem command to remove memory address ranges....

Mar 3, 2021
CVE-2021-20226 7.8

A use-after-free vulnerability in the Linux kernel's io_uring subsystem allows local attackers with user privileges to cause denial of service or potentia...

Feb 23, 2021
CVE-2021-26296 7.5

Apache MyFaces Core uses cryptographically weak CSRF tokens in default configurations, allowing attackers to potentially predict future token values a...

Feb 19, 2021
CVE-2020-8625 8.1

CVE-2020-8625 is a buffer overflow vulnerability in BIND DNS servers that affects systems configured with GSS-TSIG features. Exploitation could lead t...

Feb 17, 2021
CVE-2021-27219 7.5

CVE-2021-27219 is an integer overflow vulnerability in GNOME GLib's g_bytes_new function on 64-bit platforms, caused by an implicit cast from 64-bit t...

Feb 15, 2021
CVE-2021-23337 7.2

Lodash versions before 4.17.21 contain a command injection vulnerability in the template function that allows attackers to execute arbitrary commands ...

Feb 15, 2021
CVE-2021-26708 7.0

CVE-2021-26708 is a local privilege escalation vulnerability in the Linux kernel's AF_VSOCK implementation caused by race conditions due to incorrect ...

Feb 5, 2021
CVE-2021-3326 7.5

This vulnerability in the GNU C Library's iconv function causes a program crash when processing invalid ISO-2022-JP-3 encoded input. It affects any ap...

Jan 27, 2021
CVE-2021-26118 7.5

CVE-2021-26118 is an access control bypass vulnerability in Apache ActiveMQ Artemis where advisory message creation in the OpenWire protocol bypasses ...

Jan 27, 2021
CVE-2021-3156 7.8

CVE-2021-3156 is a heap-based buffer overflow vulnerability in Sudo that allows local users to escalate privileges to root. The exploit involves using...

Jan 26, 2021
CVE-2021-3115 7.5

This vulnerability in Go on Windows allows command injection and remote code execution when using 'go get' to fetch modules that use cgo. Attackers ca...

Jan 26, 2021
CVE-2021-23901 9.1

This XXE vulnerability in Apache Nutch's DmozParser allows attackers to read arbitrary files from the server filesystem and potentially perform server...

Jan 25, 2021
CVE-2021-3177 9.8

This is a buffer overflow vulnerability in Python's ctypes module that could allow remote code execution. It affects Python applications that process ...

Jan 19, 2021
CVE-2021-23926 9.1

This vulnerability in XMLBeans XML parsers allows attackers to perform XML Entity Expansion (XXE) attacks by submitting malicious XML input. It affect...

Jan 14, 2021
CVE-2021-23240 7.8

CVE-2021-23240 is a privilege escalation vulnerability in Sudo's SELinux RBAC support that allows local unprivileged users to gain file ownership and ...

Jan 12, 2021
CVE-2020-8584 9.8

CVE-2020-8584 is a critical remote code execution vulnerability in NetApp Element OS that allows unauthenticated attackers to execute arbitrary code o...

Jan 8, 2021
CVE-2020-36183 8.1

This vulnerability in FasterXML jackson-databind allows remote code execution through deserialization of untrusted data. Attackers can exploit the int...

Jan 7, 2021

Why Monitor NetApp Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 366+ known vulnerabilities affecting NetApp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable NetApp packages in under 60 seconds. No agents are required: scanning is completely agentless and works across NetApp deployments.

Free vulnerability database: Access detailed information about every NetApp CVE, including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register a free account & add your servers
  • Run a one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new NetApp CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions