Solidfire HCI Storage Node

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-27775	An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. network low complexity haxx debian netapp brocade splunk	7.5
2022-06-02	CVE-2022-27776	Insufficiently Protected Credentials vulnerability in multiple products A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. network low complexity haxx fedoraproject debian netapp brocade splunk CWE-522	6.5
2022-05-26	CVE-2022-22576	Missing Authentication for Critical Function vulnerability in multiple products An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. network low complexity haxx debian netapp brocade splunk CWE-306	8.1
2022-03-02	CVE-2021-3772	A flaw was found in the Linux SCTP stack. network high complexity linux redhat debian oracle netapp	6.5
2021-12-10	CVE-2021-44228	Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity siemens apache intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical	10.0
2020-12-15	CVE-2020-29569	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. local low complexity xen linux netapp debian CWE-416	8.8
2020-11-28	CVE-2020-29374	Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. local high complexity linux debian netapp CWE-863	3.6
2020-10-13	CVE-2020-25645	A flaw was found in the Linux kernel in versions before 5.9-rc7. network low complexity linux debian netapp opensuse canonical	7.5
2020-04-29	CVE-2020-12464	Use After Free vulnerability in multiple products usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925. local low complexity linux netapp CWE-416	6.7
2019-05-07	CVE-2018-20836	Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.20. network high complexity linux canonical debian f5 netapp opensuse CWE-416	8.1