Netapp

Cloud Backup

343 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2021-43527

  • EPSS 5.24%
  • Veröffentlicht 08.12.2021 22:15:09
  • Zuletzt bearbeitet 21.11.2024 06:29:21

NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \...

7.8

CVE-2018-25020

  • EPSS 0.16%
  • Veröffentlicht 08.12.2021 05:15:07
  • Zuletzt bearbeitet 21.11.2024 04:03:22

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/...

6.7

CVE-2021-43975

Exploit
  • EPSS 0.02%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

4.6

CVE-2021-43976

  • EPSS 0.02%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

5.5

CVE-2021-42373

  • EPSS 0.08%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:27:41

A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given

5.3

CVE-2021-42374

Exploit
  • EPSS 0.07%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 05.05.2025 17:17:27

An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that

5.5

CVE-2021-42375

  • EPSS 0.06%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 23.04.2025 20:15:33

An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditi...

5.5

CVE-2021-42376

  • EPSS 0.05%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:27:41

A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered comman...

9.8

CVE-2021-42377

  • EPSS 1.86%
  • Veröffentlicht 15.11.2021 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:27:41

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under...

8.8

CVE-2017-5123

  • EPSS 1.98%
  • Veröffentlicht 02.11.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 03:27:06

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.