Vulnerabilities > Netapp > HCI Compute Node > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in multiple products
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
local
low complexity
openbsd netapp broadcom CWE-78
7.8
2019-11-18 CVE-2019-19069 Memory Leak vulnerability in multiple products
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19050 Memory Leak vulnerability in multiple products
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
7.5
2019-07-17 CVE-2019-13272 In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). 7.8
2019-05-08 CVE-2019-11815 Use After Free vulnerability in multiple products
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8.
network
high complexity
linux canonical debian opensuse netapp CWE-416
8.1
2019-05-07 CVE-2018-20836 Use After Free vulnerability in multiple products
An issue was discovered in the Linux kernel before 4.20.
network
high complexity
linux canonical debian f5 netapp opensuse CWE-416
8.1