Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp solidfire enterprise sds - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel up to and including 5.18.14 allows remote malicious users to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negat...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Solidfire Enterprise Sds -
2 Github repositories
445
VMScore
CVE-2022-27779
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awa...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H410s Firmware -
Netapp H700s Firmware -
Netapp H500s Firmware -
Netapp H300s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
445
VMScore
CVE-2022-27780
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allo...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H410s Firmware -
Netapp H700s Firmware -
Netapp H500s Firmware -
Netapp H300s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
445
VMScore
CVE-2022-27781
libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to ret...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
356
VMScore
CVE-2022-30115
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the ...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
393
VMScore
CVE-2022-30594
The Linux kernel prior to 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows malicious users to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
892
VMScore
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the ...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
7 Github repositories
1 Article
383
VMScore
CVE-2022-1343
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate fail...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A250 Firmware -
Netapp A700s Firmware -
Netapp Aff 500f Firmware -
Netapp Aff 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp Fas 500f Firmware -
Netapp Fas 8300 Firmware -
Netapp Fas 8700 Firmware -
Netapp H300e Firmware -
Netapp H300s Firmware -
Netapp H410s Firmware -
383
VMScore
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one endpoint to an Op...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
445
VMScore
CVE-2022-1473
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or keys its...
Openssl Openssl
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Smi-s Provider -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Snapmanager -
Netapp A700s Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »