VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Netapp
>
Solidfire Enterprise SDS HCI Storage Node
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-06-02
CVE-2022-27779
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies.
network
low complexity
haxx
netapp
splunk
5.3
5.3
2022-06-02
CVE-2022-30115
Cleartext Transmission of Sensitive Information vulnerability in multiple products
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL.
network
low complexity
haxx
netapp
splunk
CWE-319
4.3
4.3
2022-05-03
CVE-2022-1343
Improper Certificate Validation vulnerability in multiple products
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response.
network
low complexity
openssl
netapp
CWE-295
5.3
5.3
2022-05-03
CVE-2022-1434
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key.
network
high complexity
openssl
netapp
CWE-327
5.9
5.9
2022-03-10
CVE-2021-3733
Resource Exhaustion vulnerability in multiple products
There's a flaw in urllib's AbstractBasicAuthHandler class.
network
low complexity
python
redhat
fedoraproject
netapp
CWE-400
6.5
6.5
2022-02-26
CVE-2020-36516
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.16.11.
network
high complexity
linux
netapp
CWE-327
5.9
5.9
2021-06-11
CVE-2021-22897
Exposure of Resource to Wrong Sphere vulnerability in multiple products
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library.
network
low complexity
haxx
oracle
netapp
siemens
splunk
CWE-668
5.3
5.3
2021-02-17
CVE-2021-26932
An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen.
local
low complexity
linux
fedoraproject
debian
netapp
5.5
5.5
2021-01-04
CVE-2020-35507
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu
redhat
netapp
broadcom
5.5
5.5
2021-01-04
CVE-2020-35496
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu
fedoraproject
netapp
broadcom
5.5
5.5
«
1
(current)
2
»
Next