Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp solidfire enterprise sds - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-25221
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x prior to 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be trig...
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Solidfire \\& Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire Baseboard Management Controller -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
7
CVSSv3
CVE-2020-29370
An issue exists in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel prior to 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
5.5
CVSSv3
CVE-2020-35507
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions before 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to applicati...
Gnu Binutils
Redhat Enterprise Linux 8.0
Netapp Hci Compute Node Firmware -
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System -
7.5
CVSSv3
CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel up to and including 5.18.14 allows remote malicious users to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negat...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Solidfire Enterprise Sds -
2 Github repositories
4.3
CVSSv3
CVE-2022-30115
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the ...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.5
CVSSv3
CVE-2022-27780
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allo...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp H410s Firmware -
Netapp H700s Firmware -
Netapp H500s Firmware -
Netapp H300s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.8
CVSSv3
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel up to and including 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
Linux Linux Kernel
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 11.0
7
CVSSv3
CVE-2022-28796
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel prior to 5.17.1 has a use-after-free caused by a transaction_t race condition.
Linux Linux Kernel
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Fedoraproject Fedora 35
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
5.5
CVSSv3
CVE-2020-35493
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions before 2....
Gnu Binutils
Fedoraproject Fedora 32
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Hci Compute Node Firmware -
5.5
CVSSv3
CVE-2020-35495
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions...
Gnu Binutils
Fedoraproject Fedora 32
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Hci Compute Node Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »