Netapp Hci Bootstrap Os — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Hci Bootstrap Os, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2023-28531 — CVSS 9.8 (critical): ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected…
CVE-2024-33599 — CVSS 8.1 (high): nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2020-8285 — CVSS 7.5 (high): curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
CVE-2020-8286 — CVSS 7.5 (high): curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP…
CVE-2022-27781 — CVSS 7.5 (high): libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate…
CVE-2022-27775 — CVSS 7.5 (high): An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the…
CVE-2022-27780 — CVSS 7.5 (high): The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a…
CVE-2021-38201 — CVSS 7.5 (high): net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base…
CVE-2021-38202 — CVSS 7.5 (high): fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen)…
CVE-2024-33602 — CVSS 7.4 (high): nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory…
CVE-2024-33601 — CVSS 7.3 (high): nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc…
CVE-2020-29368 — CVSS 7.0 (high): An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can…
CVE-2022-27776 — CVSS 6.5 (medium): A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP…
CVE-2021-38199 — CVSS 6.5 (medium): fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4…
CVE-2021-4209 — CVSS 6.5 (medium): A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input…
CVE-2019-0201 — CVSS 5.9 (medium): An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any…
CVE-2024-33600 — CVSS 5.9 (medium): nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup…
CVE-2022-27774 — CVSS 5.7 (medium): An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an…
CVE-2020-12771 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing…
CVE-2022-36879 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be…
CVE-2021-38203 — CVSS 5.5 (medium): btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of…
CVE-2022-27779 — CVSS 5.3 (medium): libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to…
CVE-2023-29153 — CVSS 4.9 (medium): Uncontrolled resource consumption for some Intel(R) SPS firmware before version SPS_E5_06.01.04.002.0 may allow a privileged user to…
CVE-2022-30115 — CVSS 4.3 (medium): Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is…
CVE-2020-8284 — CVSS 3.7 (low): A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and…
CVE-2020-16166 — CVSS 3.7 (low): The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal…