Netapp

Steelstore Cloud Integrated Storage

211 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2020-12659

Exploit
  • EPSS 0.14%
  • Published 05.05.2020 07:15:11
  • Last modified 21.11.2024 05:00:00

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

7.8

CVE-2020-12653

  • EPSS 0.21%
  • Published 05.05.2020 06:15:11
  • Last modified 21.11.2024 04:59:59

An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer ov...

7

CVE-2020-1752

  • EPSS 0.19%
  • Published 30.04.2020 17:15:13
  • Last modified 21.11.2024 05:11:18

A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker ...

7.2

CVE-2020-12465

  • EPSS 0.17%
  • Published 29.04.2020 19:15:12
  • Last modified 21.11.2024 04:59:45

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

7.2

CVE-2020-12464

Exploit
  • EPSS 0.08%
  • Published 29.04.2020 18:15:13
  • Last modified 21.11.2024 04:59:45

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

7

CVE-2020-11884

  • EPSS 0.04%
  • Published 29.04.2020 13:15:11
  • Last modified 21.11.2024 04:58:49

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade...

7.5

CVE-2020-12243

Exploit
  • EPSS 6.57%
  • Published 28.04.2020 19:15:12
  • Last modified 21.11.2024 04:59:22

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

7.5

CVE-2020-1967

Exploit
  • EPSS 66.69%
  • Published 21.04.2020 14:15:11
  • Last modified 21.11.2024 05:11:45

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur...

7.5

CVE-2020-2816

  • EPSS 0.4%
  • Published 15.04.2020 14:15:29
  • Last modified 21.11.2024 05:26:21

Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Ja...

5.3

CVE-2020-2830

  • EPSS 0.22%
  • Published 15.04.2020 14:15:29
  • Last modified 21.11.2024 05:26:23

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthe...