Vulnerabilities > Netapp > Solidfire Baseboard Management Controller Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-05 | CVE-2021-42008 | Out-of-bounds Write vulnerability in multiple products The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. | 7.8 |
| 2021-10-02 | CVE-2021-41864 | Integer Overflow or Wraparound vulnerability in multiple products prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. | 7.8 |
| 2021-09-29 | CVE-2021-22946 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). | 7.5 |
| 2021-07-09 | CVE-2021-3612 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. | 7.8 |
| 2021-06-11 | CVE-2021-22901 | Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. | 8.1 |
| 2021-05-26 | CVE-2020-25668 | Improper Synchronization vulnerability in multiple products A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | 7.0 |
| 2021-05-26 | CVE-2020-25670 | Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | 7.8 |
| 2021-05-26 | CVE-2020-25671 | Use After Free vulnerability in multiple products A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. | 7.8 |
| 2021-05-26 | CVE-2021-22543 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. | 7.8 |
| 2021-05-25 | CVE-2020-25672 | Memory Leak vulnerability in multiple products A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | 7.5 |