Vulnerabilities > Netapp > Solidfire Baseboard Management Controller Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-11	CVE-2021-42252	An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. local low complexity linux netapp	4.6
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-06-11	CVE-2021-22897	Exposure of Resource to Wrong Sphere vulnerability in multiple products curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. network low complexity haxx oracle netapp siemens splunk CWE-668	5.3
2021-06-07	CVE-2019-25045	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.19. local low complexity linux netapp CWE-416	4.6
2021-05-26	CVE-2020-25673	Resource Exhaustion vulnerability in multiple products A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. local low complexity linux fedoraproject netapp CWE-400	5.5
2021-05-10	CVE-2021-32399	Race Condition vulnerability in multiple products net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. local linux debian netapp CWE-362	4.4
2021-03-22	CVE-2021-28972	Classic Buffer Overflow vulnerability in multiple products In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. local low complexity linux fedoraproject netapp CWE-120	6.7
2021-03-22	CVE-2021-28971	Improper Handling of Exceptional Conditions vulnerability in multiple products In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. local low complexity linux fedoraproject debian netapp CWE-755	5.5
2021-03-22	CVE-2021-28964	Race Condition vulnerability in multiple products A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. local high complexity linux fedoraproject debian netapp CWE-362	4.7
2021-03-20	CVE-2021-28951	Improper Locking vulnerability in multiple products An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. local low complexity linux fedoraproject netapp CWE-667	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.