netapp solidfire element os - vulnerabilities and exploits

(subscribe to this query)

9.8

CVSSv3

ssh-add in OpenSSH prior to 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

Openbsd Openssh Netapp Solidfire Element Os -Netapp Hci Bootstrap Os -Netapp Brocade Fabric Operating System -

3 Github repositories

9.8

CVSSv3

Element OS versions before 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote malicious user to perform arbitrary code execution.

Netapp Hci Management Node -Netapp Solidfire -Netapp Hci Storage Node -Netapp Element Os Netapp Element Os 1.8

9.8

CVSSv3

libxslt up to and including 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

1 Github repository

7.5

CVSSv3

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Eas...

7.5

CVSSv3

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all o...

Isc Bind 9.10.6 Isc Bind 9.10.5 Netapp Solidfire Element Os Management Node -Netapp Data Ontap Edge -

7.5

CVSSv3

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

Net-snmp Net-snmp Netapp Storagegrid Webscale -Netapp Solidfire Element Os -Netapp Hyper Converged Infrastructure -Netapp Cloud Backup -Netapp Data Ontap -Netapp E-series Santricity Os Controller

7

CVSSv3

An issue exists in drivers/media/platform/vivid in the Linux kernel up to and including 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race co...

6.8

CVSSv3

A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.

Linux Linux Kernel 5.15 Linux Linux Kernel Netapp Element Software -Netapp Solidfire -Netapp Hci Management Node -Netapp Active Iq Unified Manager -Netapp E-series Santricity Os Controller Netapp Bootstrap Os -Netapp A700s Firmware -Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H410s Firmware -Netapp H410c Firmware -Oracle Communications Cloud Native Core Binding Support Function 22.1.3 Oracle Communications Cloud Native Core Policy 22.2.0 Oracle Communications Cloud Native Core Network Exposure Function 22.1.1

6.5

CVSSv3

An issue exists in the Linux kernel up to and including 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of se...

Linux Linux Kernel 5.12 Linux Linux Kernel Debian Debian Linux 9.0 Netapp Cloud Backup -Netapp Solidfire Baseboard Management Controller Firmware -

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook