Vulnerabilities > Netapp > HCI Compute Node Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-11 | CVE-2021-22901 | Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. | 8.1 |
| 2021-03-05 | CVE-2021-28041 | Double Free vulnerability in multiple products ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host. | 7.1 |
| 2021-01-04 | CVE-2020-35507 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2021-01-04 | CVE-2020-35496 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. | 5.5 |
| 2021-01-04 | CVE-2020-35495 | NULL Pointer Dereference vulnerability in multiple products There's a flaw in binutils /bfd/pef.c. | 5.5 |
| 2021-01-04 | CVE-2020-35494 | Use of Uninitialized Resource vulnerability in multiple products There's a flaw in binutils /opcodes/tic4x-dis.c. | 6.1 |
| 2021-01-04 | CVE-2020-35493 | Improper Input Validation vulnerability in multiple products A flaw exists in binutils in bfd/pef.c. | 5.5 |
| 2020-11-28 | CVE-2020-29370 | Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. | 7.0 |
| 2020-06-04 | CVE-2020-13817 | Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. | 5.8 |
| 2020-05-27 | CVE-2020-13632 | NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |