Netapp

Bootstrap Os

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2022-22576

Exploit
  • EPSS 0.24%
  • Veröffentlicht 26.05.2022 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:03

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for th...

7.5

CVE-2022-1678

  • EPSS 1.52%
  • Veröffentlicht 25.05.2022 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:41:14

An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.

5.3

CVE-2022-21496

  • EPSS 0.11%
  • Veröffentlicht 19.04.2022 21:15:18
  • Zuletzt bearbeitet 21.11.2024 06:44:50

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5,...

5

CVE-2022-21476

  • EPSS 0.18%
  • Veröffentlicht 19.04.2022 21:15:17
  • Zuletzt bearbeitet 21.11.2024 06:44:47

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...

4.3

CVE-2022-21443

  • EPSS 0.06%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:42

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20...

6.8

CVE-2021-4203

Exploit
  • EPSS 0.06%
  • Veröffentlicht 25.03.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:37:08

A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak in...

7.5

CVE-2022-23308

  • EPSS 0.06%
  • Veröffentlicht 26.02.2022 05:15:08
  • Zuletzt bearbeitet 05.05.2025 17:17:56

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

5.9

CVE-2020-36516

  • EPSS 0.04%
  • Veröffentlicht 26.02.2022 04:15:06
  • Zuletzt bearbeitet 21.11.2024 05:29:43

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.

4.7

CVE-2021-3753

Exploit
  • EPSS 0.02%
  • Veröffentlicht 16.02.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:20

A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulne...

6.5

CVE-2020-13143

  • EPSS 3.27%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...