Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hci_management_node
(Netapp)| Repositories |
• https://github.com/torvalds/linux
• https://github.com/opencontainers/runc • https://github.com/openbsd/src |
| #Vulnerabilities | 183 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-07-19 | CVE-2022-21541 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this... | Zulu, Debian_linux, Fedora, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Cloud_secure_agent, Hci_compute_node, Hci_management_node, Oncommand_insight, Solidfire, Graalvm, Jdk, Jre, Openjdk | N/A | ||
| 2022-07-19 | CVE-2022-21549 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update,... | Zulu, Debian_linux, Fedora, 7\-Mode_transition_tool, Active_iq_unified_manager, Cloud_insights_acquisition_unit, Cloud_secure_agent, Hci_compute_node, Hci_management_node, Oncommand_insight, Solidfire, Graalvm, Jdk, Jre | N/A | ||
| 2023-07-10 | CVE-2023-32254 | A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | Linux_kernel, H300s, H410s, H500s, H700s, Hci_management_node | 8.1 | ||
| 2023-07-18 | CVE-2023-38430 | An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | Linux_kernel, H300s, H410s, H500s, H700s, Hci_management_node | 9.1 | ||
| 2021-09-15 | CVE-2016-20012 | OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE: the vendor does not recognize user enumeration as a vulnerability for this product | Clustered_data_ontap, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire, Openssh | 5.3 | ||
| 2019-11-04 | CVE-2019-18683 | An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(),... | Fabric_operating_system, Ubuntu_linux, Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, Cloud_backup, Data_availability_services, E\-Series_santricity_os_controller, Element_software, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap | 7.0 | ||
| 2019-04-25 | CVE-2019-3900 | An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager_for_vmware_vsphere, Cn1610_firmware, Hci_management_node, Snapprotect, Solidfire, Storage_replication_adapter_for_clustered_data_ontap_for_vmware_vsphere, Vasa_provider_for_clustered_data_ontap, Virtual_storage_console_for_vmware_vsphere, Sd\-Wan_edge, Enterprise_linux | 7.7 | ||
| 2019-09-19 | CVE-2019-14821 | An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of... | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Leap, Sd\-Wan_edge, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization_host | 8.8 | ||
| 2019-08-16 | CVE-2019-15118 | check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion. | Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Data_availability_services, H410c_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Leap | 5.5 | ||
| 2019-02-11 | CVE-2019-5736 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling,... | Mesos, Ubuntu_linux, Dc\/os, Kubernetes_engine, Docker, Fedora, Kubernetes_engine, Onesphere, Lxc, Runc, Service_management_automation, Hci_management_node, Solidfire, Backports_sle, Leap, Container_development_kit, Enterprise_linux, Enterprise_linux_server, Openshift | 8.6 |