Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netapp steelstore cloud integrated storage - vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2019-14598
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 up to and including 12.0.48 (IOT only: 12.0.56), versions 13.0 up to and including 13.0.20, versions 14.0 up to and including 14.0.10 may allow a privileged user to potentially enable escalation of privilege, den...
Intel Converged Security Management Engine Firmware
Netapp Steelstore Cloud Integrated Storage -
1 Article
4.6
CVSSv2
CVE-2020-15852
An issue exists in the Linux kernel 5.5 up to and including 5.7.9, as used in Xen up to and including 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of sync...
Linux Linux Kernel
Xen Xen
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Solidfire Baseboard Management Controller -
6.8
CVSSv2
CVE-2019-19377
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
7.5
CVSSv2
CVE-2020-8758
Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions prior to 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned ...
Intel Standard Manageability
Intel Active Management Technology Firmware
Netapp Steelstore Cloud Integrated Storage -
1 Article
7.5
CVSSv2
CVE-2019-14893
A flaw exists in FasterXML jackson-databind in all versions prior to 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping(...
Fasterxml Jackson-databind
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Api Services -
Oracle Goldengate Stream Analytics
4
CVSSv2
CVE-2020-8618
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
Isc Bind
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Steelstore Cloud Integrated Storage -
Canonical Ubuntu Linux 20.04
6.8
CVSSv2
CVE-2019-19447
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Hci Baseboard Management Controller H610s
6.8
CVSSv2
CVE-2020-15778
scp in OpenSSH up to and including 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit validation of "anomalous argument transfe...
Openbsd Openssh 8.3
Openbsd Openssh
Netapp A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
Broadcom Fabric Operating System -
9 Github repositories
2.1
CVSSv2
CVE-2020-9391
An issue exists in the Linux kernel 5.4 and 5.5 up to and including 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID-dcde...
Linux Linux Kernel
Linux Linux Kernel 5.4
Fedoraproject Fedora 31
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp H410c Firmware -
7.5
CVSSv2
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) up to and including 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
Mcafee Web Gateway
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »