Vulnerabilities > Netapp > Solidfire Enterprise SDS HCI Storage Node

DATE CVE VULNERABILITY TITLE RISK
2021-02-17 CVE-2021-26932 An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux fedoraproject debian netapp
5.5
2021-01-04 CVE-2020-35507 There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu redhat netapp broadcom
5.5
2021-01-04 CVE-2020-35496 There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2021-01-04 CVE-2020-35495 There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2021-01-04 CVE-2020-35494 There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom
6.1
2021-01-04 CVE-2020-35493 A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
2020-11-28 CVE-2020-29370 Race Condition vulnerability in multiple products
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11.
local
high complexity
linux netapp CWE-362
7.0
2020-09-10 CVE-2020-25221 Operation on a Resource after Expiration or Release vulnerability in multiple products
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page.
local
low complexity
linux netapp CWE-672
7.8
2020-05-27 CVE-2020-13632 NULL Pointer Dereference vulnerability in multiple products
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
5.5
2020-05-27 CVE-2020-13631 SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 5.5