Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Netapp Subscribe
Filtered by product Hci Storage Node

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-9841 8 Apple, Canonical, Debian and 5 more 38 Iphone Os, Mac Os X, Tvos and 35 more 2022-06-22 7.5 HIGH 9.8 CRITICAL
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
CVE-2020-8584 1 Netapp 4 Element Os, Hci Management Node, Hci Storage Node and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.
CVE-2019-17006 3 Mozilla, Netapp, Siemens 21 Network Security Services, Hci Compute Node, Hci Management Node and 18 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.
CVE-2017-7658 5 Debian, Eclipse, Hp and 2 more 20 Debian Linux, Jetty, Xp P9000 and 17 more 2021-07-20 7.5 HIGH 9.8 CRITICAL
In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
CVE-2019-18805 5 Broadcom, Linux, Netapp and 2 more 22 Fabric Operating System, Linux Kernel, Active Iq Unified Manager and 19 more 2021-06-22 7.5 HIGH 9.8 CRITICAL
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.