Vulnerabilities > Netapp > Solidfire HCI Management Node
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-23 | CVE-2020-15436 | Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | 6.7 |
| 2020-10-13 | CVE-2020-25645 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.9-rc7. | 7.5 |
| 2020-09-10 | CVE-2020-25221 | Operation on a Resource after Expiration or Release vulnerability in multiple products get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. | 7.8 |
| 2020-08-20 | CVE-2020-15861 | Link Following vulnerability in multiple products Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. | 7.8 |
| 2020-06-03 | CVE-2020-13776 | Improper Privilege Management vulnerability in multiple products systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. | 6.7 |
| 2020-05-05 | CVE-2020-12659 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.7. | 6.7 |
| 2020-04-29 | CVE-2020-12465 | Classic Buffer Overflow vulnerability in multiple products An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. | 6.7 |
| 2020-04-10 | CVE-2020-8832 | Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | 5.5 |
| 2019-12-28 | CVE-2019-20054 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e. | 5.5 |
| 2019-12-25 | CVE-2019-19966 | Use After Free vulnerability in multiple products In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. | 4.6 |