Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp hci vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5178
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote c...
Linux Linux Kernel 6.6
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire \\& Hci Storage Node -
1 Github repository
6.5
CVSSv3
CVE-2023-36054
lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) prior to 1.20.2 and 1.21.x prior to 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_...
Mit Kerberos 5 1.21
Mit Kerberos 5
Debian Debian Linux 10.0
Netapp Hci -
Netapp Active Iq Unified Manager -
Netapp Management Services For Element Software -
Netapp Ontap Tools -
Netapp Clustered Data Ontap 9.0
1 Github repository
8.1
CVSSv3
CVE-2023-32257
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An...
Linux Linux Kernel
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp Solidfire \\& Hci Storage Node -
9.1
CVSSv3
CVE-2023-38426
An issue exists in the Linux kernel prior to 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length.
Linux Linux Kernel
Netapp Solidfire \\& Hci Management Node -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp Solidfire \\& Hci Storage Node -
9.1
CVSSv3
CVE-2023-38428
An issue exists in the Linux kernel prior to 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.
Linux Linux Kernel
Netapp Solidfire \\& Hci Management Node -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp Solidfire \\& Hci Storage Node -
9.1
CVSSv3
CVE-2023-38430
An issue exists in the Linux kernel prior to 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.
Linux Linux Kernel
Netapp Hci Management Node -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
9.1
CVSSv3
CVE-2023-38431
An issue exists in the Linux kernel prior to 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.
Linux Linux Kernel
Netapp Solidfire \\& Hci Management Node -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
9.1
CVSSv3
CVE-2023-38432
An issue exists in the Linux kernel prior to 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read.
Linux Linux Kernel
Netapp Solidfire -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
Netapp Solidfire \\& Hci Storage Node -
5.3
CVSSv3
CVE-2023-2975
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated...
Openssl Openssl
Netapp Ontap Select Deploy Administration Utility -
Netapp Management Services For Element Software And Netapp Hci -
8.1
CVSSv3
CVE-2023-32250
A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can le...
Linux Linux Kernel
Netapp Hci -
Netapp Hci Storage Nodes -
Netapp H300s -
Netapp H500s -
Netapp H700s -
Netapp H410s -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »