Shodan
Vulnerabilities
Vulnerable Software
Netapp:  Security Vulnerabilities
CVE-2023-0386
Known exploited
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
CVSS Score
7.8
EPSS Score
0.474
Published
2023-03-22
CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-03-17
CVE-2023-28486
Sudo before 1.9.13 does not escape control characters in log messages.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-03-16
CVE-2023-28487
Sudo before 1.9.13 does not escape control characters in sudoreplay output.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-03-16
CVE-2023-28466
do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVSS Score
7.0
EPSS Score
0.0
Published
2023-03-16
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to to a crash of the Local Distribution Router (LDR) service.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-03-02
CVE-2022-23240
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-02-28
CVE-2022-23239
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.
CVSS Score
4.8
EPSS Score
0.001
Published
2023-02-28
CVE-2023-26607
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-02-26
CVE-2023-26545
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
CVSS Score
4.7
EPSS Score
0.0
Published
2023-02-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved