Vulnerabilities > Netapp > Solidfire HCI Management Node

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-5178 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel.
network
low complexity
linux redhat netapp CWE-416
8.8
2023-07-18 CVE-2023-38426 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
9.1
2023-07-18 CVE-2023-38428 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.4.
network
low complexity
linux netapp CWE-125
critical
9.1
2023-07-18 CVE-2023-38431 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in the Linux kernel before 6.3.8.
network
low complexity
linux netapp CWE-125
critical
9.1
2023-04-24 CVE-2023-2007 Improper Locking vulnerability in multiple products
The specific flaw exists within the DPT I2O Controller driver.
local
low complexity
linux debian netapp CWE-667
7.8
2022-10-24 CVE-2022-43680 Use After Free vulnerability in multiple products
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
7.5
2022-08-24 CVE-2021-4209 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in GnuTLS.
network
low complexity
gnu redhat netapp CWE-476
6.5
2022-07-27 CVE-2022-36946 nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.
network
low complexity
linux debian netapp
7.5
2022-06-02 CVE-2022-27774 Insufficiently Protected Credentials vulnerability in multiple products
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
network
low complexity
haxx debian netapp brocade splunk CWE-522
5.7
2022-06-02 CVE-2022-27775 An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
network
low complexity
haxx debian netapp brocade splunk
7.5