Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp hci storage node firmware - vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2020-29370
An issue exists in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel prior to 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
7.8
CVSSv3
CVE-2020-15778
scp in OpenSSH up to and including 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfe...
Openbsd Openssh 8.3
Openbsd Openssh
Netapp A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
Broadcom Fabric Operating System -
9 Github repositories
7.1
CVSSv3
CVE-2021-28041
ssh-agent in OpenSSH prior to 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
Openbsd Openssh
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Compute Node Firmware -
Netapp Hci Storage Node Firmware -
Oracle Zfs Storage Appliance 8.8
Oracle Communications Offline Mediation Controller 12.0.0.3.0
2 Github repositories
3.6
CVSSv3
CVE-2020-29374
An issue exists in the Linux kernel prior to 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write acce...
Linux Linux Kernel
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp 500f Firmware -
Netapp A250 Firmware -
Netapp H410c Firmware -
Netapp Solidfire & Hci Management Node -
Netapp Hci Compute Node Bios -
Netapp Solidfire & Hci Storage Node -
5.3
CVSSv3
CVE-2022-27779
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awa...
Haxx Curl
Netapp Hci Bootstrap Os -
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Hci Compute Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp H410s Firmware -
Netapp H700s Firmware -
Netapp H500s Firmware -
Netapp H300s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.8
CVSSv3
CVE-2022-28893
The SUNRPC subsystem in the Linux kernel up to and including 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
Linux Linux Kernel
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Hci Compute Node Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2020-14145
The client side in OpenSSH 5.7 up to and including 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached ...
Openbsd Openssh 8.4
Openbsd Openssh
Openbsd Openssh 8.5
Openbsd Openssh 8.6
Netapp Aff A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
1 Github repository
5.5
CVSSv3
CVE-2021-26932
An issue exists in the Linux kernel 3.2 up to and including 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and th...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Netapp Cloud Backup -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Hci Compute Node -
Netapp Hci H410c Firmware -
5.5
CVSSv3
CVE-2020-35493
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions before 2....
Gnu Binutils
Fedoraproject Fedora 32
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Hci Compute Node Firmware -
6.1
CVSSv3
CVE-2020-35494
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This ...
Gnu Binutils
Fedoraproject Fedora 32
Netapp Cloud Backup -
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Hci Compute Node Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »