Netapp

Solidfire & Hci Management Node

83 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2022-21434

  • EPSS 0.11%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:41

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...

5

CVE-2022-21426

  • EPSS 0.06%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:40

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5,...

7.8

CVE-2022-28893

  • EPSS 0.03%
  • Veröffentlicht 11.04.2022 05:15:07
  • Zuletzt bearbeitet 21.11.2024 06:58:09

The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.

7

CVE-2022-28796

  • EPSS 0.1%
  • Veröffentlicht 08.04.2022 05:15:07
  • Zuletzt bearbeitet 21.11.2024 06:57:57

jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.

7.8

CVE-2022-0492

  • EPSS 6.99%
  • Veröffentlicht 03.03.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:38:46

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the...

6.5

CVE-2021-3772

  • EPSS 0.16%
  • Veröffentlicht 02.03.2022 23:15:09
  • Zuletzt bearbeitet 21.11.2024 06:22:23

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP ad...

5.9

CVE-2020-36516

  • EPSS 0.04%
  • Veröffentlicht 26.02.2022 04:15:06
  • Zuletzt bearbeitet 21.11.2024 05:29:43

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

7.4

CVE-2021-20322

  • EPSS 0.13%
  • Veröffentlicht 18.02.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:46:22

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass ...

7.5

CVE-2021-45485

  • EPSS 0.52%
  • Veröffentlicht 25.12.2021 02:15:06
  • Zuletzt bearbeitet 21.11.2024 06:32:18

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among ma...

8.1

CVE-2021-22901

Exploit
  • EPSS 0.34%
  • Veröffentlicht 11.06.2021 16:15:11
  • Zuletzt bearbeitet 21.11.2024 05:50:52

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentia...