Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fas aff baseboard management controller vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2021-28972
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel up to and including 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly...
Linux Linux Kernel
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Cloud Backup -
Netapp Solidfire Baseboard Management Controller Firmware -
Netapp Fas\\/aff Baseboard Management Controller -
7
CVSSv3
CVE-2021-26708
A local privilege escalation exists in the Linux kernel prior to 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transpor...
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
Netapp Solidfire \\& Hci Management Node -
Netapp Solidfire Baseboard Management Controller -
Netapp Baseboard Management Controller 500f Firmware
Netapp Baseboard Management Controller A250 Firmware
Netapp Hci H410c Firmware -
10 Github repositories
7.8
CVSSv3
CVE-2019-17274
NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC) firmware versions 13.x before 13.1P1 were shipped with a default account enabled that could allow unauthorized arbitrary command execution via local access.
Netapp Fabric-attached Storage 8700 Firmware
Netapp Fabric-attached Storage 8300 Firmware
Netapp All Flash Fabric-attached Storage A400 Firmware
5.5
CVSSv3
CVE-2019-20054
In the Linux kernel prior to 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
Linux Linux Kernel
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller
Netapp H610s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
4.6
CVSSv3
CVE-2019-19966
In the Linux kernel prior to 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
Linux Linux Kernel
Debian Debian Linux 8.0
Opensuse Leap 15.1
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller
Netapp Hci Baseboard Management Controller H610s
Netapp Aff Baseboard Management Controller A700s
4.6
CVSSv3
CVE-2019-19947
In the Linux kernel up to and including 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller
Netapp Hci Baseboard Management Controller H610s
Netapp Aff Baseboard Management Controller A700s
5.5
CVSSv3
CVE-2019-19922
kernel/sched/fair.c in the Linux kernel prior to 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows malicious users to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7a...
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Oracle Sd-wan Edge 8.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire Baseboard Management Controller -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller
Netapp Hci Baseboard Management Controller H610s
Netapp Aff Baseboard Management Controller A700
7.5
CVSSv3
CVE-2019-19061
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel prior to 5.3.9 allows malicious users to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
Linux Linux Kernel
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Aff Baseboard Management Controller -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller 11.0
Netapp E-series Santricity Os Controller 11.0.0
Netapp E-series Santricity Os Controller 11.20
Netapp E-series Santricity Os Controller 11.25
Netapp E-series Santricity Os Controller 11.30
Netapp E-series Santricity Os Controller 11.30.5r3
Netapp E-series Santricity Os Controller 11.40
Netapp E-series Santricity Os Controller 11.40.3r2
4.6
CVSSv3
CVE-2019-19063
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel up to and including 5.3.11 allow malicious users to cause a denial of service (memory consumption), aka CID-3f9361695113.
Linux Linux Kernel
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Oracle Sd-wan Edge 8.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Aff Baseboard Management Controller -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller 11.0
Netapp E-series Santricity Os Controller 11.0.0
Netapp E-series Santricity Os Controller 11.20
Netapp E-series Santricity Os Controller 11.25
7.5
CVSSv3
CVE-2019-19052
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel prior to 5.3.11 allows malicious users to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
Linux Linux Kernel
Debian Debian Linux 8.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Oracle Sd-wan Edge 8.2
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Aff Baseboard Management Controller -
Netapp Data Availability Services -
Netapp Solidfire \\& Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Broadcom Brocade Fabric Operating System Firmware -
Netapp Fas\\/aff Baseboard Management Controller -
Netapp E-series Santricity Os Controller 11.0
Netapp E-series Santricity Os Controller 11.0.0
Netapp E-series Santricity Os Controller 11.20
Netapp E-series Santricity Os Controller 11.25
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »