Netapp Hci Compute Node — known CVE vulnerabilities
Every CVE whose affected-product data names Netapp Hci Compute Node, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (48)
CVE-2019-17006 — CVSS 9.8 (critical): In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application…
CVE-2019-18805 — CVSS 9.8 (critical): An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer…
CVE-2022-37434 — CVSS 9.8 (critical): zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE…
CVE-2024-40896 — CVSS 9.1 (critical): In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if…
CVE-2018-20836 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in…
CVE-2019-11815 — CVSS 8.1 (high): An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a…
CVE-2025-24928 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD…
CVE-2024-56171 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in…
CVE-2020-25221 — CVSS 7.8 (high): get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2022-0391 — CVSS 7.5 (high): A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings…
CVE-2018-25032 — CVSS 7.5 (high): zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2019-19050 — CVSS 7.5 (high): A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause…
CVE-2019-19069 — CVSS 7.5 (high): A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause…
CVE-2024-53580 — CVSS 7.5 (high): iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.
CVE-2022-34169 — CVSS 7.5 (high): The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be…
CVE-2022-27781 — CVSS 7.5 (high): libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate…
CVE-2022-21449 — CVSS 7.5 (high): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2022-2048 — CVSS 7.5 (high): In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up…
CVE-2022-36946 — CVSS 7.5 (high): nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service…
CVE-2020-15778 — CVSS 7.4 (high): scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the…
CVE-2024-2961 — CVSS 7.3 (high): The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when…
CVE-2025-0509 — CVSS 7.3 (high): A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload…
CVE-2025-27423 — CVSS 7.1 (high): Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of…
CVE-2020-29369 — CVSS 7.0 (high): An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions…
CVE-2020-12465 — CVSS 6.7 (medium): An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka…
CVE-2020-12464 — CVSS 6.7 (medium): usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a…
CVE-2020-10690 — CVSS 6.5 (medium): There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource…
CVE-2021-3772 — CVSS 6.5 (medium): A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the…
CVE-2024-3447 — CVSS 6.0 (medium): A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2022-21541 — CVSS 5.9 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2021-2161 — CVSS 5.9 (medium): Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries)…
CVE-2020-1971 — CVSS 5.9 (medium): The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName…
CVE-2020-14145 — CVSS 5.9 (medium): The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This…
CVE-2024-50602 — CVSS 5.9 (medium): An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can…
CVE-2017-5715 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2021-26932 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls…
CVE-2024-36958 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix nfsd4_encode_fattr4() crasher Ensure that args.acl is…
CVE-2019-19462 — CVSS 5.5 (medium): relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by…
CVE-2021-22876 — CVSS 5.3 (medium): curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking…
CVE-2022-27779 — CVSS 5.3 (medium): libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to…
CVE-2022-21549 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions…
CVE-2021-2163 — CVSS 5.3 (medium): Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries)…
CVE-2022-21540 — CVSS 5.3 (medium): Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions…
CVE-2025-26603 — CVSS 4.2 (medium): Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to…
CVE-2022-2047 — CVSS 2.7 (low): In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment…