Netapp

Solidfire & Hci Management Node

83 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2021-22897

Exploit
  • EPSS 1.08%
  • Published 11.06.2021 16:15:10
  • Last modified 21.11.2024 05:50:51

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" ...

7.8

CVE-2019-25045

Exploit
  • EPSS 0.15%
  • Published 07.06.2021 20:15:07
  • Last modified 21.11.2024 04:39:49

An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.

7.8

CVE-2021-33200

  • EPSS 0.03%
  • Published 27.05.2021 13:15:08
  • Last modified 21.11.2024 06:08:30

kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege esca...

3.3

CVE-2021-25217

Exploit
  • EPSS 0.41%
  • Published 26.05.2021 22:15:07
  • Last modified 21.11.2024 05:54:34

In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspecti...

7.8

CVE-2020-25669

Exploit
  • EPSS 0.08%
  • Published 26.05.2021 12:15:15
  • Last modified 21.11.2024 05:18:24

A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_rei...

7

CVE-2020-25668

Exploit
  • EPSS 0.13%
  • Published 26.05.2021 12:15:15
  • Last modified 21.11.2024 05:18:24

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

7.8

CVE-2019-25044

Exploit
  • EPSS 0.13%
  • Published 14.05.2021 23:15:07
  • Last modified 21.11.2024 04:39:48

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.

7

CVE-2021-23133

Exploit
  • EPSS 0.02%
  • Published 22.04.2021 18:15:08
  • Last modified 21.11.2024 05:51:16

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...

6.3

CVE-2021-20197

  • EPSS 0.14%
  • Published 26.03.2021 17:15:12
  • Last modified 21.11.2024 05:46:06

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries acros...

9.8

CVE-2021-26987

  • EPSS 1.87%
  • Published 15.03.2021 22:15:13
  • Last modified 21.11.2024 05:57:08

Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-...