VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
3944 advisories across 32 monitored vendors.
All supported versions of FreeBSD are susceptible to vulnerabilities in the POSIX shared memory object module which when successfully exploited could be used to access freed kernel memory and escalate privileges. Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Linux kernel versions 3.9-rc1 through 5.10.256, 5.11-rc1 through 5.15.207, 5.16-rc1 through 6.1.173, 6.13-rc1 through 6.18.32, 6.19-rc1 through 7.0.9, 6.2-rc1 through 6.6.140, 6.7-rc1 through 6.12.90 and 7.1-rc1 through 7.1-rc4 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Linux kernel versions 5.15.209 prior to 5.16, 6.1.175 prior to 6.2, 6.4 prior to 6.18.33, and 6.19 prior to 7.0.10 are susceptible to a vulnerability referred to as BadEpoll which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited could allow an unprivileged local attacker to trigger a use-after-free in the kernel and possibly escalate their privileges. Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp states there is no workaround available at this time.
FreeBSD 15.0 and later are susceptible to a vulnerability which when successfully exploited could allow an unprivileged local user to cause a panic or elevate their privilege. Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited by a remote TLS peer with control of TCP segmentation could result in a kernel panic. Successful exploitation of this vulnerability could lead to Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited could allow an unprivileged local user to escalate their privilege. Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp states there is no workaround available at this time.
Linux kernel versions 2.6.36-rc1 through 6.1.176, 6.13-rc1 through 6.18.37, 6.19-rc1 through 7.1.2, 6.2-rc1 through 6.6.143 and 6.7-rc1 through 6.12.94 are susceptible to a vulnerability referred to as Januscape which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited could allow an unprivileged local user to modify the address space of a SUID binary before its credentials are elevated, potentially gaining full control of the affected system. Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp states there is no workaround available at this time.
Improper encoding of non-finite floating-point values during MapMessage JSON serialization in Apache Log4j API produces output that is not valid JSON. This issue affects Apache Log4j API versions 2.13.1 through 2.25.4 and version 2.26.0. The fix for CVE-2026-34481 did not cover all code paths: when a MapMessage contains a non-finite IEEE 754 value (NaN, Infinity, or -Infinity), MapMessage.asJson() emits the corresponding bare token. RFC 8259 does not permit these tokens, so a conformant parser rejects the resulting document. The defect is reachable only when both of the following conditions hold: * The application uses the message resolver https://logging.apache.org/log4j/2.x/manual/json-template-layout.html#event-template-resolver-message of JsonTemplateLayout or any other layout that relies on MapMessage.asJson() or MapMessage.getFormattedMessage(new String[]{"JSON"}). * The application logs a MapMessage that contains an attacker-controlled floating-point value. An attacker who can supply a non-finite value can cause the affected layout to emit malformed JSON, which may corrupt the enclosing log record or disrupt downstream log ingestion and parsing. Users are advised to upgrade to Apache Log4j API 2.25.5 or 2.26.1, both of which emit RFC 8259-compliant JSON for non-finite values.
Security rule bypass due to incorrect handling of line breaks in form data. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-179.
Web Application Firewall rules bypass due to incorrect UTF-8 to Unicode transformation. Red Hat rates this moderate (CVSS 5.8). Weakness: CWE-131.
Out-of-bounds read leads to information disclosure and denial of service. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-125.
Information disclosure via truncated RDPGFX planar payload. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-125.
Server-Side Request Forgery via FTP PASV response IP address validation bypass. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-918.
Arbitrary file overwrite via CLI command. Red Hat rates this moderate (CVSS 6). Weakness: CWE-22.
Use-after-free vulnerability in PDB decoder allows denial of service or limited data corruption. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-825.
Improper Privilege Management, Improper Access Control vulnerability in Apache IoTDB. Authenticated users can escalate to full tree-path access by renaming themselves to __internal_auditor. This issue affects Apache IoTDB: from 2.0.8 before 2.0.10. Users are recommended to upgrade to version 2.0.10, which fixes the issue.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited could allow an attacker with the ability to debug a process to produce misleading audit trails. Successful exploitation of this vulnerability could lead to addition or modification of data. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Apache Log4j versions 2.21.0 through 2.25.3 and 3.0.0-alpha1 through 3.0.0-beta3 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data. Successful exploitation of this vulnerability could lead to addition or modification of data. Affected products: Data Infrastructure Insights and Data Secure Storage Workload Security Agent. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.