Vulnerabilities > Netapp > Solidfire Baseboard Management Controller Firmware > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-03-07	CVE-2021-27365	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. local low complexity linux debian oracle netapp CWE-787	4.6
2021-03-05	CVE-2021-28039	Incorrect Calculation of Buffer Size vulnerability in multiple products An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. local low complexity xen linux netapp CWE-131	6.5
2021-03-05	CVE-2021-28038	Allocation of Resources Without Limits or Throttling vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. local low complexity linux debian netapp CWE-770	6.5
2021-01-05	CVE-2020-36158	Classic Buffer Overflow vulnerability in multiple products mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. local low complexity linux fedoraproject debian netapp CWE-120	6.7
2020-12-11	CVE-2020-27825	Race Condition vulnerability in multiple products A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). local high complexity linux redhat debian netapp CWE-362	5.7
2020-12-10	CVE-2020-27350	Integer Overflow or Wraparound vulnerability in multiple products APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. local low complexity debian netapp CWE-190	5.7
2020-12-09	CVE-2020-29660	Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom CWE-667	4.4
2020-11-23	CVE-2020-15436	Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. local low complexity linux broadcom netapp CWE-416	6.7
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.